Equifax has once again issued an updated statement, announcing that hackers stole over 15 million UK client records. Although the firm said last month that 400,000 UK customers were affected by the historic breach sustained by the company, according to Equifax's updated statement the number of users impacted by the hack is considerably higher.
Nearly 700,000 British users have been affected by the data breach. Equifax confirmed that the data targeted by hackers contained UK customer records dated between 2011 and 2016. Of the 15.2 million hacked records, around 14.5 million contained limited personal information of clients, restricted to customers' names and dates of birth.
"Once again, I would like to extend my most sincere apologies to anyone who has been concerned about or impacted by this criminal act," said Patricio Remon, President for Europe at Equifax Ltd (UK)." It has been regrettable that we have not been able to contact consumers who may have been impacted until now, but it would not have been appropriate for us to do so until the full facts of this complex attack were known, and the full forensics investigation was completed."
Equifax said that its already begun notifying affected customers by post. The firm said that hackers stole data from 12,000 customers who had linked email addresses to their Equifax account in 2014. Nearly 15,000 users' account details including usersnames, passwords and partial credit card numbers were stolen by the hackers. Nearly 30,000 customers' driving license numbers were also stolen and over 630,000 users' phone numbers were stolen by the hackers.
GCHQ's cyber arm, the NCSC (National Cyber Security Center) issued out a statement advising affected users on how to handle the breach. The NCSC also warned about the risk of phishing scams and online fraud, urging people to carefully manage their passwords across all online services.
Equifax has come under intense scrutiny since news of the massive breach first came to light. Last week, the firm's CEO Rick Smith resigned, closely following the departures of Equifax's CIO and CSO.
Although neither the firm nor law enforcement officials have commented on the identity of the hackers yet, speculations are abound pointing to the attack having been mounted by suspected Chinese state-sponsored hackers. Investigations into the breach, both the firm's internal probe as well as those launched by law enforcement authorities, are currently ongoing.