Page 62 - 期货和衍生品行业监管动态(2023年10月刊)
P. 62
期货和衍生品行业监管动态
6. 外包的数据用于 Equifax Identity Verifier 和 Global Consumer Solutions。
Equifax Identity Verifier 产品是 Equifax Ltd 为企业客户提供的企业对企业
(B2B)服务之一,帮助企业验证和认证客户身份。Global Consumer
Solutions 是一种让零售消费者访问其信用报告的产品,它还提供网络监
控服务。
Financial Watchdog Fines Equifax Ltd £11 Million for Role in One of the Largest
Cyber-security Breaches in History (2023/10/13)
The FCA has fined Equifax Ltd (Equifax) £11,164,400 for failing to manage
and monitor the security of UK consumer data it had outsourced to its parent
company based in the US. The breach allowed hackers to access the personal data
of millions of people and exposed UK consumers to the risk of financial crime.
In 2017, Equifax’s parent company, Equifax Inc, was subject to one of the largest
cybersecurity breaches in history. Cyber-hackers were able to access the personal data
of approximately 13.8 million UK consumers because Equifax outsourced data to
Equifax Inc’s servers in the US for processing.
The UK consumer data accessed by the hackers ranged from names, dates of birth,
phone numbers, Equifax membership login details, partially exposed credit card details,
and residential addresses.
The cyberattack and unauthorised access to data was entirely preventable. Equifax
did not treat its relationship with its parent company as outsourcing. As a result, it failed
to provide sufficient oversight of how data it was sending was properly managed and
protected. There were known weaknesses in Equifax Inc’s data security systems and
Equifax failed to take appropriate action in response to protect UK customer data.
Equifax did not find out that UK consumer data had been accessed until 6 weeks
after Equifax Inc had discovered the hack. The firm was informed about the incident
approximately five minutes before it was announced by the American parent company.
49
