Equifax has announced that a data breach could potentially have affected 143 million consumers in the US. Hackers exploited a vulnerability in a US website application to gain unauthorised access to files from between May and July. The company said the exposed data include names, birth dates, Social Security numbers, addresses and some driver's licence numbers.

Commenting on news, cyber security lead at law firm Mishcon de Reya, Joe Hancock says the extent of the loss is as yet not fully understood.

“The Equifax breach could affect as many 143million records but the fact that this is still considered a 'potential' breach demonstrates how hard it is to understand the full extent of the loss. The breach seems to mostly impact US customers at present, but I believe it will extend to other countries such as the UK. Equifax has roughly 800m records worldwide and the number of UK customers affected is currently unknown. Additionally, no service had been provided to check if it contains an individual’s data as has been provided in the US,” he said, adding that the fraud alerts Equifax provides after data breaches are clearly no longer useful any more.

“More needs to be done to protect those whose data is lost, as those services themselves become targets,” he added.

“The share sales may indeed not be linked to this breach, but the timing and perception created will likely lead to an investigation by regulators. The perception of how the business acts after a data breach matters as much as their cyber security beforehand. It's clear that Equifax weren't prepared for this kind of event, even though it is alleged the breach was detected in June.”

Share Story: