UK financial service regulators have launched an investigation into Equifax over its handling of the recent mega-breach.
In a brief statement on Tuesday, the Financial Conduct Authority (FCA), which could fine the firm or revoke its right to operate in the UK, said it was “investigating the circumstances surrounding a cybersecurity incident that led to the loss of UK customer data held by Equifax Ltd on the servers of its US parent”.
In response, Equifax said it welcomed the investigation.
Equifax Ltd is already working closely with the FCA and other authorities: we welcome this opportunity to learn the lessons from this criminal cyber-attack in order for all businesses to better protect consumers in the future. Cybercrime is a real and ever-present risk faced by all companies, so it is important that Government, regulators and businesses work together to combat this growing threat. We see today’s announcement as a continuation of that process.
The FCA probe piles further pressure on Equifax, which already faces pointed questions from an influential Westminster MP. Nicky Morgan, chair of the Treasury Committee, wrote to Equifax Limited’s UK boss earlier this month asking for further details about the scale of the breach, and what compensation it intended to provide. Morgan also wrote to the FCA asking for an assessment of Equifax’s response to the breach in a letter that also raised the issue of whether the regulator is considering further action. Equifax’s UK business is authorised by the FCA.
Source: The Register.