ICO fines Equifax for data breach

UK – Credit ratings agency Equifax has been fined £500,000 by the Information Commission’s Office (ICO) for failing to protect its data.

Data breach_crop

Equifax was subject to a cyber-attack between May and June 2017 in the US, which affected the personal data of 15m people in the UK. The personal information lost or compromised during the incident ranged from names and dates of birth to addresses, passwords, driving licence and financial details.

In its ruling, the ICO said that Equifax had "failed to take appropriate technical and organisational measures against unauthorised and unlawful processing of that data".

The ICO’s probe was carried out with the Financial Conduct Authority and found multiple failures at the credit reference agency.

The investigation was carried out under the Data Protection Act 1998, rather than the current GDPR, as the failings occurred before stricter laws came into force in May of this year. Hence the fine is the maximum allowed under the DPA.

Elizabeth Denham, Information Commissioner said: "The loss of personal information, particularly where there is the potential for financial fraud, is not only upsetting to customers, it undermines consumer trust in digital commerce.

"Many of the people affected would not have been aware the company held their data; learning about the cyber attack would have been unexpected and is likely to have caused particular distress. Multinational data companies like Equifax must understand what personal data they hold and take robust steps to protect it."

We hope you enjoyed this article.
Research Live is published by MRS.

The Market Research Society (MRS) exists to promote and protect the research sector, showcasing how research delivers impact for businesses and government.

Members of MRS enjoy many benefits including tailoured policy guidance, discounts on training and conferences, and access to member-only content.

For example, there's an archive of winning case studies from over a decade of MRS Awards.

Find out more about the benefits of joining MRS here.

0 Comments


Display name

Email

Join the discussion

Newsletter
Stay connected with the latest insights and trends...
Sign Up
Latest From MRS

Our latest training courses

Our new 2025 training programme is now launched as part of the development offered within the MRS Global Insight Academy

See all training

Specialist conferences

Our one-day conferences cover topics including CX and UX, Semiotics, B2B, Finance, AI and Leaders' Forums.

See all conferences

MRS reports on AI

MRS has published a three-part series on how generative AI is impacting the research sector, including synthetic respondents and challenges to adoption.

See the reports

Progress faster...
with MRS 
membership

Mentoring

CPD/recognition

Webinars

Codeline

Discounts