Equifax Slapped with £11m Fine by FCA for Cyber-Breach: 13.8m Britons’ Data Exposed
Equifax, one of the leading credit reference agencies, has been hit with a staggering £11 million fine by the Financial Conduct Authority (FCA) following a massive cyber-breach. This incident is considered one of the most significant data breaches in history. The FCA’s investigation revealed that Equifax had failed to adequately manage and monitor the security of UK consumer data, resulting in cyber criminals gaining access to the personal information of 13.8 million Britons. This compromised data included names, dates of birth, addresses, phone numbers, login details, and even some credit card information.
The fine imposed on Equifax raises concerns about the overall security of highly sensitive financial information handled by credit ratings agencies like Equifax, Experian, and TransUnion. These agencies hold crucial data that affects people’s ability to secure mortgages, personal loans, car insurance, and even basic bank accounts or mobile phone contracts. The FCA has continuously urged credit reference agencies to enhance the quality of their data, as numerous individuals could potentially face exclusion from accessing finance due to inaccuracies in their credit reports. Additionally, the FCA is also investigating the lack of competition within the UK credit rating market.
Jessica Rusu, the FCA’s chief data, information, and intelligence officer, emphasized the increasing importance of cyber security and data protection in ensuring the security and stability of financial services. She believes that firms not only have a technical responsibility to ensure resiliency against breaches, but also an ethical responsibility in handling consumer information.
The FCA’s investigation revealed that Equifax failed to treat its relationship with its US parent company as an outsourcing arrangement, leaving it vulnerable to the 2017 hack, which could have been avoided. The regulator stated that Equifax did not exercise sufficient oversight on the management and protection of the data it was sending. The FCA also criticized Equifax for its delayed response in discovering the breach in UK consumer data, only learning about it six weeks after their parent company had detected the hack. Furthermore, Equifax mishandled customer complaints and provided inaccurate information about the number of affected consumers in public statements.
Therese Chambers, the joint executive director of enforcement and market oversight at the FCA, emphasized that financial firms must prioritize the security of customer data, as it remains a prime target for cyber criminals. Equifax’s failure to protect this data and their subsequent mishandling of the breach underscore the importance of maintaining high standards in data protection. Chambers mentioned that the risk of identity theft is ever-present, and firms must continually invest in robust cybersecurity programs to combat sophisticated and innovative cyber threats.
Equifax’s president for Europe, Patricio Remon, highlighted the company’s cooperation with the FCA throughout the investigation and their significant investments in security and technology transformation since the cyberattack six years ago. Remon claimed that Equifax has one of the world’s most advanced cybersecurity programs and consistently ranks among the top technology and financial services companies in terms of protecting networks, information, and systems from threats.
Reports indicate that flaws in credit scoring systems currently exclude over seven million people in the UK from accessing affordable financial services, resulting in them resorting to more expensive alternatives like sub-prime lenders. Insufficient credit record information also hinders approximately five million individuals from accessing financial products and public services, according to a survey by Experian.
Please note that some links in this article may be affiliate links. Clicking on them may earn us a small commission, which supports the funding of This Is Money and helps us keep our content freely accessible. We want to clarify that we do not write articles for the sole purpose of promoting products, and our editorial independence remains unaffected by any commercial relationship.
Denial of responsibility! Vigour Times is an automatic aggregator of Global media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, and all materials to their authors. For any complaint, please reach us at – [email protected]. We will take necessary action within 24 hours.
