Carding 4 Carders
Professional
- Messages
- 2,724
- Reaction score
- 1,588
- Points
- 113
The case when the penalty truly corresponds to the damage caused.
The United Kingdom has finally delivered its final verdict in a long-running case involving Equifax, which made a monstrous information leak in 2017. The credit bureau then inadvertently disclosed credit history data and other confidential information of 143 million customers.
The Financial Conduct Authority (FCA), the UK's financial regulator, announced today that it has fined Equifax Ltd. more than £11 million ($13.4 million, or RUB 1.3 billion).
According to the FCA, Equifax Ltd. failed to take the necessary measures to protect the personal data of 13.8 million British consumers held by its American parent company.
In 2017, Equifax reported a security breach that resulted in the loss of 143 million unique records. The incident was discovered in July 2017, but the information became publicly available only six weeks later.
During the incident, hackers used a vulnerability in the Apache Struts program to access confidential information. According to rumors circulating at the time, hackers could have had access to Equifax networks almost from November 2016, but the bureau denied this information .
The data of British citizens was reportedly leaked because Equifax Ltd. transferred data processing to its parent company in the United States. The FCA said the data theft was "completely preventable". However, despite the known security vulnerabilities of Equifax Inc., a subsidiary of Equifax Ltd. did not exercise sufficient control over the protection of transmitted data.
The regulator also noted that the British branch learned about access to consumer data only six weeks after the discovery of the hacking of the parent company.
Equifax Ltd. public statements about the incident created an inaccurate picture of the number of affected consumers, and the company did not respond adequately to complaints from British customers, the regulator claims.
Teresa Chambers of the FCA stressed that financial companies have a duty to take care of their customers ' data, regardless of their outsourcing. Jessica Rusu from the same organization added that the regulator's decision highlights the importance of cybersecurity for the stability of financial services.
Recall that in 2019, Equifax Inc. agreed to pay $575 million in compensation for its security lapses. And in 2018, the UK Information Commissioner's Office (ICO) also imposed a fine of £500,000 on Equifax for violating the principles of the Data Protection Act.
The United Kingdom has finally delivered its final verdict in a long-running case involving Equifax, which made a monstrous information leak in 2017. The credit bureau then inadvertently disclosed credit history data and other confidential information of 143 million customers.
The Financial Conduct Authority (FCA), the UK's financial regulator, announced today that it has fined Equifax Ltd. more than £11 million ($13.4 million, or RUB 1.3 billion).
According to the FCA, Equifax Ltd. failed to take the necessary measures to protect the personal data of 13.8 million British consumers held by its American parent company.
In 2017, Equifax reported a security breach that resulted in the loss of 143 million unique records. The incident was discovered in July 2017, but the information became publicly available only six weeks later.
During the incident, hackers used a vulnerability in the Apache Struts program to access confidential information. According to rumors circulating at the time, hackers could have had access to Equifax networks almost from November 2016, but the bureau denied this information .
The data of British citizens was reportedly leaked because Equifax Ltd. transferred data processing to its parent company in the United States. The FCA said the data theft was "completely preventable". However, despite the known security vulnerabilities of Equifax Inc., a subsidiary of Equifax Ltd. did not exercise sufficient control over the protection of transmitted data.
The regulator also noted that the British branch learned about access to consumer data only six weeks after the discovery of the hacking of the parent company.
Equifax Ltd. public statements about the incident created an inaccurate picture of the number of affected consumers, and the company did not respond adequately to complaints from British customers, the regulator claims.
Teresa Chambers of the FCA stressed that financial companies have a duty to take care of their customers ' data, regardless of their outsourcing. Jessica Rusu from the same organization added that the regulator's decision highlights the importance of cybersecurity for the stability of financial services.
Recall that in 2019, Equifax Inc. agreed to pay $575 million in compensation for its security lapses. And in 2018, the UK Information Commissioner's Office (ICO) also imposed a fine of £500,000 on Equifax for violating the principles of the Data Protection Act.
