Equifax says 15.2m United Kingdom records also exposed

Fill 1

Equifax was hit by a major breach from mid May to July

It said the 693,665 British consumers would be notified of the post and offered help to mitigate the effects of the leak. "The credit reporting agencies profit by selling consumers' information and they have a responsibility to protect that same information".

The company was alerted in March that a software security vulnerability existed in one or more of its systems, but it failed to fix the problem because of "both human error and technology failures", former CEO Richard Smith told a US congressional committee.

The breach also impacted some British and Canadian consumers.

"The scope and breadth of the Equifax data breach was extraordinary and all consumers are rightfully concerned about the security of their personal and financial information and skeptical of using a security freeze mechanism provided by the same company that compromised that information", Kilmartin said.

USA consumers started being notified by Equifax after it disclosed the incident on September 7.

In Washington, dozens of senators called for a federal investigation into the stock sales, while a number of law firms and legal advice organisations were encouraging consumers to join class action lawsuits against the company, or start their own legal action in local small claims courts.

Equifax said that it had not yet started notifying the affected United Kingdom consumers because it did not think it was "appropriate" as it was waiting until "the full forensics investigation was completed".

Patricio Remon, president of European operations, said: "Once again, I would like to extend my most honest apologies to anyone who has been concerned about or impacted by this criminal act".

Communication from the company when the Equifax data breach hit was non-existent to begin with, leaving the UK's National Cyber Security Centre to raise awareness to the result of the attack. 14,961 people have had their Equifax membership details from 2014 accessed - this is likely to include username, password, secret questions and answers, and partial credit card details.

Hackers breached Equifax's system in May and maintained access to the information for more than a month until the company discovered the suspicious activity at the end of July. Last week, the firm's CEO Rick Smith resigned, closely following the departures of Equifax's CIO and CSO.

Related News: