There Are Even More Equifax Victims Than Originally Reported

Rafia Shaikh
Equifax data breach
Equifax data breach targeted 15.2 million UK records

The mega breach of Equifax continues to prove even more disastrous with every passing week. After adding an additional 2.5 million American victims, the company has now revealed that the data of over 15.2 million UK customers has also been stolen. Even though the breach didn't affect the company's UK business, it has still managed to compromise the personal information of a number of its British consumers.

"Today Equifax can confirm that a file containing 15.2m UK records dating from between 2011 and 2016 was attacked in this incident," the credit reporting agency revealed earlier today. "Regrettably this file contained data relating to actual consumers as well as sizeable test datasets, duplicates and spurious fields."

Related StoryRafia Shaikh
Quora Hacked – Breach Leaks Personal Information of Over 100 Million Users  

The company had originally said that the data of UK consumers "fewer than 400,000" was compromised. It had also earlier claimed that no passwords or financial information was stolen during the breach making identity theft an unlikely outcome.

Equifax continues to add more victims

Equifax has now revealed that out of 15.2 million consumers, nearly 700,000 have had their personal data stolen that included their usernames, passwords, driving license numbers, and partial credit card details. Equifax is now alerting these 693,665 consumers by post. It added that stolen data also included credit card details of 15,000 customers.

The company said that the rest of 14.5 million compromised records "may contain the name and date of birth of certain UK consumers," which it claims doesn't "introduce any significant risk to these people." Equifax is yet to reveal if the stolen passwords and other data was in plaintext or encrypted.

The country's National Cyber Security Centre in its own statement said that it was aware of the breach and recommended users to not reuse passwords and look out for "realistic" phishing attacks that may use this leaked data in statements like:

"To show this is not a phishing email, we have included the month of your birth and the last 3 digits of your phone number."

Today's disclosure could likely raise questions on Equifax transferring sensitive, personal credit data across the Atlantic. The company holds details of over 44 million consumers in the UK and over 145 million people in the US.

- Despite Massive Security Catastrophes, Credit Reporting Giant Wins a Multimillion-Dollar IRS Contract

Deal of the Day