Remember the Equifax breach? The major security havoc affected one of the largest credit reporting companies operating in the USA. As a result of the malicious intrusion, cybercriminals were able to obtain information on millions of users worldwide. The data breach, which happened between 13 May and 30 July 2017 in the US, affected 146 million customers on a global scale.
UK’s Information Commissioner’s Office (ICO) Imposed £500,000 Fine
Now, the company has been issued a fine in the size of £500,000 due to the data of 15 million UK citizens which was compromised in the breach. The UK’s Information Commissioner’s Office (ICO) imposed the fine after an investigation into the catastrophic breach, their report said.
The ICO investigation found that, although the information systems in the US were compromised, Equifax Ltd was responsible for the personal information of its UK customers. The UK arm of the company failed to take appropriate steps to ensure its American parent Equifax Inc, which was processing the data on its behalf, was protecting the information.
Equifax hackers were able to compromise private servers of the company. The following types of data were extracted: social security numbers (SSN), addresses, date of birth, driver license numbers and payment card details of approximately 209 000 US citizens. In addition, the criminals obtained other types of documents that also contain identifying information, such listings of about 182 000 consumers were accessed. Private data on Canadian and British residents was also stolen.
The data breach was caused by an exploitation of an Apache Struts vulnerability CVE-2017-5638, a patch for which wasn’t applied in a timely manner. It affected mostly US citizens. However, data of 15 million UK citizens was also compromised. As it appears, the UK arm (Read more...)
*** This is a Security Bloggers Network syndicated blog from How to, Technology and PC Security Forum | SensorsTechForum.com authored by Milena Dimitrova. Read the original post at: https://sensorstechforum.com/equifax-fined-500000-15-million-uk-citizens/