British regulator fines Equifax 11 million pounds for data breach in 2017

The British Financial Conduct Authority, or FCA, has imposed a fine of 11 million pounds on the American credit rating agency Equifax, which is equivalent to 12.7 million euros. The fine is for Equifax’s role in a major data breach in 2017.

“The cyber attack and unauthorized access to data were preventable,” the FCA wrote in a statement. The 2017 hack of Equifax’s parent company saw the data of 149.7 million Americans stolen. Data from 13.8 million Britons was also stolen, because the data of British customers was stored on the company’s American servers. The UK data included names, dates of birth, Equifax account login details, partially disclosed credit card details and addresses.

It wasn’t until six weeks after news of the attack emerged that Equifax’s UK arm was informed that criminals had gained access to UK customers’ data. The British branch received this message on the same day as the customers, which meant that it did not have enough time to prepare for customer contact and handling complaints. The FCA also blames Equifax for this.

Equifax chimes in a response to Reuters that it has cooperated fully during the FCA’s investigation. The company also says that it has invested $1.5 billion in security measures since the data breach.

The Equifax hack is one of the most extensive attacks that has taken place. After it became apparent that the hack could have happened due to inadequate security, the top management of the company resigned.