Commenting on news of the Equifax data breach today, which affects about 143 million customers across the US, UK & Canada, Joe Hancock, Cyber Security Lead at Mishcon de Reya, says:
“The Equifax breach could affect as many 143million records but the fact that it is still considered a 'potential' breach demonstrates how hard it is to understand the full extent of the loss. The breach seems to mostly impact US customers at present, but has already extended to the UK. Equifax has roughly 800m records worldwide and the number of UK customers affected is currently unknown. Additionally, no service had been provided to check if it contains an individual’s data as has been provided in the US.
“Equifax provides fraud alerts after data breaches, therefore alerts from the service clearly aren't as useful any more. More needs to be done to protect those whose data is lost, as those services themselves become targets.
“Recent Equifax share sales may indeed not be linked to this breach, but the timing and perception created will likely lead to an investigation by regulators. How a business acts after a data breach matters just as much as their cyber security beforehand. It's clear that Equifax weren't prepared for this kind of event, even though it is alleged the breach was detected in June.”