LONDON (Reuters) - Britain’s markets watchdog said it has opened an investigation into the hacking of U.S. credit reporting agency Equifax, which affected nearly 700,000 UK citizens.
“The Financial Conduct Authority announces today that it is investigating the circumstances surrounding a cybersecurity incident that led to the loss of UK customer data held by Equifax Ltd on the servers of its U.S. parent,” the watchdog said in a statement on Tuesday.
“This statement is made given the public interest in these matters.”
The announcement follows a letter from Nicky Morgan, chair of the House of Commons’ Treasury Committee to the watchdog, asking if Equifax had violated terms of its license to operate in the country, and whether the regulator had the power to compel the company to provide compensation to UK consumers.
Equifax said it was already working closely with the FCA and other authorities.
“We welcome this opportunity to learn the lessons from this criminal cyber-attack in order for all businesses to better protect consumers in the future,” the company said in a statement.
Equifax has said that 15.2 million records on British citizens were involved in the breach, including sensitive data on what it said were 693,665 individuals, for whom credit protection services were offered.
The UK data accessed by unknown hackers included credit accounts, user credentials, partial credit card details and driver license numbers. The remaining 14.5 million records contained names and birth dates of UK consumers were “potentially compromised”, the company disclosed.
Equifax first revealed in September it had been the target of a massive data breach which hit around 143 million people, mostly in the United States.
Reporting by Huw Jones; Editing by Rachel Armstrong and David Evans