UK Fallout From The Massive Breach At Equifax

Uploaded on 2018-09-20 in NEWS-News Analysis, FREE TO VIEW, BUSINESS-Services-Law

It's been a year since the credit monitoring company Equifax admitted it had suffered one of the largest data breaches in recent memory, exposing the personal information of a whopping 143 million US consumers. 

Today The UK Information Commissioner’s Office has issued Equifax’ UK subsidiarty  Ltd with a £500,000 fine for failing to protect the personal information of up to 15 million UK citizens during a cyber attack in 2017.

The ICO investigation found that, although the information systems in the US were compromised, Equifax Ltd was responsible for the personal information of its UK customers. The UK arm of the company failed to take appropriate steps to ensure its American parent Equifax Inc, which was processing the data on its behalf, was protecting the information.

In a statement released at the time, Equifax confirmed approximately 100,000 Canadians were also affected too, with names, addresses, social insurance numbers (SIN) and, in limited cases, credit card numbers among the personal information potentially accessed.

Equifax said that the breach occurred in mid-May 2017, but that it only discovered intruders had compromised its systems nearly two months later. For reasons that remain unclear, it took yet another month for the company to publicly disclose the breach.

Bloomberg has reported that it was actually the second time the company had been breached in 2017. The prior incident occurred in March according to Bloomberg's sources, with one saying it involved the same intruders as the subsequent hack.

Equifax claimed the two incidents were unrelated, but  the company certainly knew it was being targeted in spring 2017.

That timeline will ulimately prove important, given three of the company's executives sold almost $1.8 million US in shares in the days after the July 29 discovery that the company had been breached. Equifax has denied the executives knew of the breach when they sold their shares, although legal action continues 

Information Commissioners Office:        Global News

You Might Also Read:

Equifax: Insider Trading Charges:
 

« The Human Factor Is Essential To Eliminating Bias in Artificial Intelligence
Millions Of WiFi Routers Are At Risk Of Hacking »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

authen2cate

authen2cate

Authen2cate offers a simple way to provide application access with our Identity and Access Management (IAM) solutions for enterprise, small business, and individual customers alike.

Cyber Security Recruiters

Cyber Security Recruiters

Cyber Security Recruiters is a niche recruiting firm who finds impact players for our clients in the Information Security Space.

Uniscon

Uniscon

Uniscon is a leading provider of cloud security solutions in Europe.

Telecommunications Industry Association (TIA)

Telecommunications Industry Association (TIA)

TIA works to secure trust in networks by advocating public policy positions on the security of ICT equipment and services related to critical infrastructure, supply chain and information sharing.

IQ Solutions

IQ Solutions

IQ Solutions is a Digital Integrator and an ICT Services Provider, focusing on innovative Cyber Secured ICT managed solutions tailored to the needs of the Maritime Industry.

Greensafe IT

Greensafe IT

Greensafe offer various onsite and offsite data erasure services, aimed at increasing data security whilst reducing any risk of data loss during transit.

HUB Security

HUB Security

Hub Security provide Ultra Secure, Military Grade HSM (Hardware Security Module) Solutions for Blockchain and Digital Assets.

Dataprovider.com

Dataprovider.com

Our Brand Protection Suite gives you the tools to discover trademark infringement on the Internet, such as websites selling counterfeit products, even when this is not immediately noticeable.

CyberSN

CyberSN

CyberSN matches cybersecurity professionals to jobs and removes the pain from job searching and hiring.

Lockheed Martin

Lockheed Martin

Lockheed Martin deliver full-spectrum cyber capabilities and cyber resilient systems to defense, intelligence community and global security customers.

comforte AG

comforte AG

comforte AG is a leading provider of data-centric security technology. Organizations worldwide rely on our tokenization and format-preserving encryption capabilities to secure personal, sensitive data

RankedRight

RankedRight

RankedRight empowers security teams to take immediate action on their most critical risks.

Single Point of Contact

Single Point of Contact

Single Point of Contact is a Managed IT Services provider that helps businesses to achieve a seamless and secure IT environment.

PCCW Global

PCCW Global

PCCW Global is a leading communications service provider, offering mobility, voice and data solutions to multinational enterprises, telecomms partners, cloud and application service providers.

Ceeyu

Ceeyu

Ceeyu is an all-in-one cybersecurity ratings and third party risk management platform.

Deepware

Deepware

Deepware is an emerging AI research company dedicated to exploring the potential of GenAI in both generation and detection.