Infosec Cloud
Solutions. Services. Training.

The 'chat' from the cloud

Keep up-to-date with the latest trends, hints and tips on cloud-based security

Implications of the Equifax Data Breach

Date: Sep 11, 2017

Category: Blog

Credit-reporting company Equifax Inc. disclosed last Thursday that cyber criminals had gained access to some of its systems, compromising the personal data of up to 44 million British consumers.

The information commissioner has said that it is investigating how the hack on Equifax, a US credit rating firm, affected UK customers, many of whom will be unaware their data is held by the company.

Equifax and its UK subsidiary companies state on their websites that they represent British clients including BT, Capital One and British Gas.

This latest data breach will lead to a spate of phishing emails with credit card related themes, which are sometimes very hard to resist because money is at stake. Training employees to correctly spot social engineering hooks is essential.

How many of your employees would click on this email:

Equifax Notification Email

Everyone needs to look out for:

*  Phishing emails like the example above that claim to be from Equifax
*  Phishing emails that claim there is a problem with a credit card, your credit record, or other personal financial information
*  Calls from scammers that claim they are from your bank or building society
*  Fraudulent charges on any credit card because your identity was stolen

ICO Deputy Commissioner James Dipple-Johnstone, said: “We are already in direct contact with Equifax to establish the facts including how many people in the UK have been affected and what kind of personal data may have been compromised. We will be advising Equifax to alert affected UK customers at the earliest opportunity.

A spokesman for BT said: “We are aware of the developing story and are monitoring the situation closely. Like many companies in the UK, BT uses Equifax services. We are working on establishing whether this breach has any impact on those services.”

Find out how to ensure your IT end user are cyber-security aware >>

Comments are closed.

  • Employee GDPR Awareness Training

  •  Identity-as-a-Service (IDaaS) solution

  • Tokenless Strong Authentication (MFA)

  • Next Gen Endpoint Security

  • Enquiry LinkedIn Spiceworks