We already knew that Americans weren’t the only ones to be rightly concerned about the Equifax hack, but the latest statement from the company’s UK branch is quite something.
Equifax Ltd has confirmed to Mashable that a file containing personal data of “fewer than 400,000 UK consumers” was stolen in the 7 September breach.
That happened because of a “process failure” — or an epic fail as we normal humans say — which saw UK data being stored in the U.S. for a good 5 years, between 2011 and 2016. It was only corrected last year.
The information included the customers’ name, date of birth, email address, and a telephone number, according to Equifax, which added that the data “does not include any residential address information, password information or financial data.”
Moreover, Equifax sought to reassure UK customers that any “identity takeover is unlikely.” The company said it will be contacting affected customers and offer them a free comprehensive ID protection service “which will allow them to monitor their personal data, including their credit information and be alerted to any potential signs of fraudulent activity.”
“We apologise for this failure to protect UK consumer data,” Patricio Remon, President at Equifax Ltd. said. “Our immediate focus is to support those affected by this incident and to ensure we make all of the necessary improvements and investments to strengthen our security and processes going forward.”
The Information Commissioner’s Office, a.k.a. the UK’s data protection authority, said they have been “pressing the firm to establish the scale of any impact on UK citizens and have also been engaging with relevant US and UK agencies about the nature of the data breach.”
“Members of the public should remain vigilant of any unsolicited emails, texts or calls, even if it appears to be from a company they are familiar with,” the regulator warned the public. “We also advise that people review their financial statements regularly for any unfamiliar activity.”
As many as 143 million Americans — about 44% of the U.S. population — had personal information stolen from Equifax due to a vulnerability of the systems.