Equifax will inform 693,665 customers in the UK that their data was stolen by hackers in a September cyberattack.
Here are 2017’s biggest hacks, leaks, and data breaches — so far
Dozens of data breaches, millions of people affected.
The company said in a statement that 15.2 million records — some dating back to 2011 — were stolen in the data breach.
The company had initially said the hack affected 400,000 UK customers, which revealed names, dates of birth, and email addresses, and phone numbers, but that postal addresses and passwords weren’t affected.
Now, the company is saying that usernames, passwords, partial credit card details, and driving license numbers were also stolen.
The company wouldn’t say if the passwords or any other data was encrypted or stored in plain text.
The UK government’s National Cyber Security Center warned in its own statement that fraudsters may use information obtained from the breach to include real information to make phishing messages “look much more credible.”
An Equifax spokesperson did not respond to a request for comment.
Contact me securely
Zack Whittaker can be reached securely on Signal and WhatsApp at 646-755–8849, and his PGP fingerprint for email is: 4D0E 92F2 E36A EC51 DAAE 5D97 CB8C 15FA EB6C EEA5.
Leaked TSA documents reveal New York airport’s wave of security lapses
US government pushed tech firms to hand over source code
At the US border: Discriminated, detained, searched, interrogated
Millions of Verizon customer records exposed in security lapse
Meet the shadowy tech brokers that deliver your data to the NSA
Inside the global terror watchlist that secretly shadows millions
FCC chairman voted to sell your browsing history — so we asked to see his
With a single wiretap order, US authorities listened in on 3.3 million phone calls
198 million Americans hit by ‘largest ever’ voter records leak
Britain has passed the ‘most extreme surveillance law ever passed in a democracy’
Microsoft says ‘no known ransomware’ runs on Windows 10 S — so we tried to hack it
Leaked document reveals UK plans for wider internet surveillance