Latest information on the Equifax cyber incident

Equifax, the credit rating agency, suffered a cyber breach in May 2017 and today they have confirmed that a file containing 15.2m UK records dating from between 2011 and 2016 was attacked in this incident.

The majority of these compromised records may contain the name and date of birth of certain UK consumers, but Equifax have stated that they will contact by post the 693,665 customers who had sensitive data exposed.

Since being made aware of the incident, a wide range of relevant UK government departments and agencies have worked together to protect British citizens who may have been affected by this data breach. The National Cyber Security Centre (NCSC), under the supervision of government ministers, has worked with the regulatory authorities, law enforcement and government partners to understand the impact to the UK and develop measures to support those affected and provide appropriate advice.  

The UK’s independent financial and information regulators have played an integral part in this process and will announce their conclusions and any further actions in due course. 

An NCSC spokesperson said:

“Equifax today confirmed that a file containing 15.2m UK records was attacked. The company say this included 693,665 people who could have had their data exposed, including email addresses, passwords and phone numbers.

“It is always a company’s responsibility to identify UK victims and Equifax will contact by post the holders of those affected accounts.

“NCSC has published updated advice on its website, following today’s announcement. The guidance is tailored specifically to this incident and advises members of the public on password re-use, avoiding related phishing emails and fraudulent phone calls, as well as giving information of how to report a cyber incident to Action Fraud.”

Further information

  • The NCSC advice and guidance can be seen on the NCSC website. It recommends that passwords are never re-used across important accounts and also setting up Two-Factor Authentication (also called Two-Step Verification) in the security settings
  • The Equifax statement can be seen here. It details that the data exposed in the 693,665 records includes Equifax membership details such as username, password, secret questions and answers and partial credit card details from 2014.
  • Members of the public can report a cyber incident using Action Fraud’s online fraud reporting tool anytime of the day or night, or call 0300 123 2040. For further information visit www.actionfraud.police.uk.
Source : https://www.ncsc.gov.uk/information/latest-information-equifax-cyber-incident

Given the complexities of digital financial world, let us put cybersecurity as core focus, for the leaks of data security can jeopardize the credibility and growth of the whole industry. For this reason, Asosiasi FinTech Indonesia fully supports Cyber Security Indonesia 2017 to create top of mind awareness on cybersecurity issue.

Niki Santo Luhur
Chairman - FinTech Indonesia Association

Now the whole industry begins to understand that it's better to prevent than to lose access and control data because of negligence to keep the data secure. Hence, this encourages APTIKNAS to endorse the implementation of Cyber Security Indonesia.

Fanky Christian
Head of DPD DKI - APTIKNAS (Indonesian ICT Business Association)

Indonesia, with its vast wealth of information is in urgent need of preventive and defensive measures against cyber threats. Other than protecting national interest, such measures are also required to protect the interest of its citizens. Actions taken may not be adequate through policies and regulations but through concrete actions involving all components of the nation. Hence LEMSANEG welcomes and endorses Cyber Security Indonesia 2017.

Major General (TNI), Dr Djoko Setiadi, M.Si
The Head of LEMSANEG (State Cryptography Agency)

ATSI (Indonesian Telecommunication Providers Association) supports Cyber Security Indonesia 2017 to encourage concern and awareness of the important needs of cyber protection system to prevent and minimise cyber crime for individuals, communities, governments and also companies in Indonesia.

Sutrisman Raden
Executive Director of ATSI