Equifax

Equifax

In 2017, Equifax suffered a massive cybersecurity breach that exposed personal data of around 13.8 million UK consumers. The leaked data included names, birth dates, phone numbers, partial credit card details, and addresses. The breach was linked to Equifax's inadequate oversight of its data outsourcing to its US parent company, resulting in preventable vulnerabilities. Equifax's delayed response to the breach and subsequent mishandling of customer complaints highlighted a failure in maintaining adequate cybersecurity measures and an insufficient complaints management system.

Source: https://www.fca.org.uk/news/press-releases/equifax-ltd-fine-cyber-security-breach

TPRM report: https://scoringcyber.rankiteo.com/company/equifax

"id": "equ409051424",
"linkid": "equifax",
"type": "Cyber Attack",
"date": "09/2017",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': '13.8 million',
                        'industry': 'Credit Reporting',
                        'location': 'United Kingdom',
                        'name': 'Equifax',
                        'type': 'Company'}],
 'data_breach': {'data_exfiltration': 'Yes',
                 'number_of_records_exposed': '13.8 million',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personal Information',
                                              'Credit Card Details']},
 'date_detected': '2017-09-07',
 'date_publicly_disclosed': '2017-09-07',
 'description': 'In 2017, Equifax suffered a massive cybersecurity breach that '
                'exposed personal data of around 13.8 million UK consumers. '
                'The leaked data included names, birth dates, phone numbers, '
                'partial credit card details, and addresses. The breach was '
                "linked to Equifax's inadequate oversight of its data "
                'outsourcing to its US parent company, resulting in '
                "preventable vulnerabilities. Equifax's delayed response to "
                'the breach and subsequent mishandling of customer complaints '
                'highlighted a failure in maintaining adequate cybersecurity '
                'measures and an insufficient complaints management system.',
 'impact': {'brand_reputation_impact': 'Significant',
            'customer_complaints': 'High',
            'data_compromised': ['Names',
                                 'Birth dates',
                                 'Phone numbers',
                                 'Partial credit card details',
                                 'Addresses'],
            'identity_theft_risk': 'High',
            'payment_information_risk': 'High'},
 'lessons_learned': 'Importance of adequate cybersecurity measures and '
                    'efficient complaints management system',
 'post_incident_analysis': {'root_causes': 'Inadequate oversight of data '
                                           'outsourcing'},
 'references': [{'date_accessed': '2023-10-05',
                 'source': 'Equifax',
                 'url': 'https://www.equifax.co.uk/'}],
 'title': 'Equifax Data Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Inadequate oversight of data outsourcing'}
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.