The UK’s financial conduct authority has opened an investigation into the hacking of U.S. credit reporting agency Equifax, which affected nearly 700,000 UK citizens.
The announcement follows a letter from Nicky Morgan, chair of the House of Commons’ Treasury Committee to the Financial Conduct Authority, asking if Equifax had violated terms of its license to operate in the country, and whether the regulator had the power to compel the company to provide compensation to UK consumers.
“The Financial Conduct Authority announces today that it is investigating the circumstances surrounding a cybersecurity incident that led to the loss of UK customer data held by Equifax Ltd on the servers of its U.S. parent,” the watchdog said in a statement. “This statement is made given the public interest in these matters.”
Equifax has said that 15.2 million records on UK citizens were involved in the breach, including sensitive data on what it said were 693,665 individuals, for whom credit protection services were offered.
The UK data accessed by unknown hackers included credit accounts, user credentials, partial credit card details and driver license numbers. The remaining 14.5 million records contained names and birth dates of UK consumers were “potentially compromised”, the company disclosed.
Equifax first revealed in September it had been the target of a data breach which hit around 143 million people, mostly in the United States.