We use cookies to allow us and selected partners to improve your experience and our advertising. By continuing to browse you consent to our use of cookies as per our policy which also explains how to change your preferences.

Equifax to alert another 167,000 UK victims of its data breach

Those with phone numbers in public directories will now receive the same warning and protection as almost 700,000 other victims

A further 167,000 victims of the Equifax data breach will receive a warning from the firm, indicating the May 2017 hack may have left them at greater risk of fraud.

The latest wave comes after the firm previously wrote to 693,000 UK individuals thought to be most at risk – taking the total number of UK warning letters to over 860,000.

The credit reference agency says it has decided to write to thousands more victims whose landline telephone numbers were already published in public telephone directories but were accessed as part of last year’s cyber-attack.

Which? has already highlighted confusion and alarm caused by the letters, which fail to explain who Equifax is or why it holds victims’ data.


Equifax data breach: 15.2m Brits affected

In May this year, Equifax announced its data had been access by hackers in a cyber-attack. Some 15.2 million UK client records were compromised, and Equifax initially wrote to 690,000 UK consumers who are likely to have had sensitive details stolen.

These include email addresses, passwords, driving license numbers, phone numbers and partial credit card details.

This latest announcement reveals that a further 167,000 had their telephone numbers stolen in the attack.

The warning letters offer free identity-monitoring services aimed at spotting impostor applications for credit cards and bank accounts.

Why Equifax has victims’ data

Equifax has confirmed that just 3% of the 693,000 worst-hit victims were its direct customers. Many of the victims may have never dealt with – or even heard of – the firm before.

How is this possible? As a credit reference agency, Equifax receives personal data from banks and financial institutions whenever someone applies for a bank account, mortgage or credit card.

Consent for this is usually included in the application terms and conditions, meaning Equifax may hold data on you even if you’ve never dealt with it directly.

It uses this data to generate your credit reports and score. Lenders then use these to decide how much of a risk you are before they approve your application.

As a result, Equifax’s only direct customers are the tiny minority who have transacted with it by purchasing a credit report or identity-monitoring services.

How to verify your letter

If you receive a letter regarding the Equifax data breach, and you’re not sure if it’s genuine, call Equifax on 0800 587 1584 to confirm the letter is genuinely from them.

If the letter is telling you to call a number other than the one above, it may be a scam.

Should you accept the free identity monitoring services?

If your data has been breached, you may be at heightened risk of identity fraud. To combat this, Equifax is offering its worst-affected UK customers free services which monitor whether your identity has been compromised online.

It’s also offering Cifas Protective Registration – a third-party service which prompts banks to conduct extra identity checks when they receive an application in your name.

If you are concerned about the security of Equifax’s own products, you can opt to be enrolled in Cifas’s service instead – however you will still have to give some personal information to Equifax so it can enrol you for free.

It is possible to enrol directly through Cifas, though this will attract a £20 charge (for two years’ cover).

You can find out more in our guide on what to do if your data is lost or stolen.

Categories: Credit cards & loans, Money

Please note that the information in this article is for information purposes only and does not constitute advice. Please refer to the particular terms & conditions of a provider before committing to any financial products.

Back to top
Back to top