Credit reporting agency Equifax has confirmed that two senior executives have been replaced, following the major hack that led to one of the worst-ever breaches of personal data.
The Equifax chief information officer and head of security will retire, effective immediately, as part of an ‘ongoing review of the cybersecurity incident’ that resulted in the theft of personal data from 143 million US customers.
The huge data breach, that we reported last week, is considered particularly serious because the type of data collected. Names, social security numbers, addresses, credit card numbers, and other financial details that were obtained, can potentially be used by criminals to steal people’s identities for financial gain.
The company is continuing an internal investigation and working with FBI investigators.
It is thought that hundreds of thousands of British customers and an unspecified number in Canada may have also been affected by the hack.
Canada’s privacy commissioner has announced a high-priority investigation into the massive data theft, and a lawsuit by Canadian consumers whose data was stolen was also launched this week, seeking class action status and damages of Can$550 billion.
Limited information from up to 400,000 UK consumers may have been hacked, though the data in question is restricted to name, date of birth, email address and a telephone number.
The company’s UK branch said in a statement: ‘Equifax believes identity takeover is unlikely for the UK consumers who had their data potentially accessed in this incident’.
Equifax collects consumers’ financial data in order to rate their credit-worthiness to banks, home sellers, auto sellers and others who depend on consumer credit in marketing.
The data breach took place from mid-May through July 2017 via a website application vulnerability that US cyber security companies say they had identified in March.
US officials have not revealed if they know who was behind the breach, though foreign hackers are widely suspected.