Equifax Inc.’s British unit was hit with an £11 million ($13.4 million) fine after failing to protect the data of millions of clients amid one of the biggest cyber-security breaches in history.
(Bloomberg) — Equifax Inc.’s British unit was hit with an £11 million ($13.4 million) fine after failing to protect the data of millions of clients amid one of the biggest cyber-security breaches in history.
The Financial Conduct Authority said Friday it had fined Equifax Ltd. over the 2017 hack that accessed the personal information of 13.8 million UK customers because Equifax outsourced the data to its US parent for processing and didn’t put the right safeguards in place.
“Financial firms hold data on customers that is highly attractive to criminals,” said Therese Chambers, the FCA’s joint executive director of enforcement and market oversight. “Regulated firms are on the hook, regardless of whether they outsource or not.”
The Atlanta-based company had been subject to probes around the world since it disclosed that the hack that exposed personal data including partial credit card details. The FCA said that the company also mishandled customer complaints following the incident.
Patricio Remon, Equifax’s European president, said in a statement that the FCA had recognized the company’s cooperation throughout the long-running probe as well as measures it put in place such as a voluntary consumer redress exercise after the incident.
Read More: Equifax Political Fallout Deepens With UK Lawmaker’s Questions
(Updates with a comment from Equifax in the final paragraph)
More stories like this are available on bloomberg.com
©2023 Bloomberg L.P.