Equifax has confirmed that around 400,000 UK customers' data may have been accessed by hackers as part of the massive data breach that hit the firm in July this year. Last week, the US-based credit rating firm announced that it was hit by hackers in what is now considered one of the largest data breaches of the year. The attack saw data of around 143 million US customers possibly having been stolen by hackers.
Now, Equifax Ltd. – the credit rating agency's UK arm – has announced that while its systems remain unaffected by the breach, data on around 400,000 UK consumers, which was stored in the US between 2011 and 2016, may have been stolen by hackers. Users' names, date of birth, email addresses and phone numbers were among the data that may have been accessed by hackers.
Additional details of the firm's massive breach come even as two of the firm's executives, chief security officer Susan Mauldin and chief information officer David Webb announced their immediate retirement.
However, Equifax confirmed that the data affected did not include residential address information, password information and financial data. The firm also said that the "nature of the information" accessed suggests that "identity takeover is unlikely for the UK consumers who had their data potentially accessed in this incident". However, the firm said that it will offer affected customers a free comprehensive identity protection service, which will allow consumers to track their credit information, personal data and alert them of any potential signs of fraudulent activities.
"We apologise for this failure to protect UK consumer data. Our immediate focus is to support those affected by this incident and to ensure we make all of the necessary improvements and investments to strengthen our security and processes going forward," Patricio Remon, President at Equifax Ltd. said in a statement.
Previously, news broke that hackers successfully stole over 200,000 credit card accounts in the massive breach. The firm also previously said that personally identifiable information (PII) of some 182,000 customers was stolen by hackers.
Equifax has come under intense scrutiny over its handling of the historic breach. The firm is already facing major class-action lawsuits. The firm said that its internal investigation into the massive breach is still ongoing and that it is also working closely with the FBI in its probe.