FCA fines Equifax £11m for role in cyber breach
Britain’s financial watchdog (FCA) said on Friday it had fined consumer credit rater Equifax £11m for its role in “one of the largest” cyber-security breaches in history.
The Financial Conduct Authority (FCA) said that in 2017 Equifax’s parent company, Equifax Inc (EFX.N) in the United States, was subject to one of the biggest cybersecurity breaches in history, when the personal details of as many as 147.9 million U.S. consumers were accessed during the hack.
Equifax said on Friday it has cooperated fully with the FCA throughout the long-running investigation.
“Since the cyberattack against our company six years ago, we have invested over $1.5 billion in a security and technology transformation,” said Patricio Remon, president for Europe at Equifax.
“Few companies have invested more time and resources than Equifax to ensure that consumers’ information is protected,” Remon said.
The FCA said the UK arm of Equifax did not find out that consumer data had been accessed until six weeks after the parent company discovered the hack, the FCA said.
“There were known weaknesses in Equifax Inc’s data security systems and Equifax failed to take appropriate action in response to protect UK customer data,” it said.
Equifax’s fine was discounted after it agreed to resolve the matter and cooperate to a high level with the watchdog, the FCA said.
Britain’s Information Commissioner’s Office fined Equifax Ltd £500,000 in 2018.
By Reuters