Equifax cyber incident: how to protect yourself
We are aware of a cyber incident affecting the credit rating agency Equifax, and are working with partners to understand any potential impact in the UK.
Since the incident was first reported to us on Friday 8 September, we have been working with Equifax, as well as law enforcement partners in the USA and UK, in order to gain a precise understanding of the extent of the data leak and whether any UK citizens may have been affected. We will post a more detailed update when we have more information to give.
Until then, anyone concerned that their data may be affected can contact Equifax by visiting the Equifax website for further information.
Here’s what you can do to make yourself safer:
- If any of your financial details were compromised, notify your bank or card company as soon as possible. Review your financial statements regularly for any unusual activity.
- Be suspicious of any unsolicited calls, emails or texts, even if it appears to be from a company you know of. Don’t open the attachments or click on links within unsolicited emails, and never disclose any personal or financial details during a cold call.
- Check your bank accounts and report any suspicious activity to your bank.
- If you have been a victim of fraud or cyber crime, please report it to us on the Action Fraud website.
Criminals often use information they have obtained during a data breach to commit fraud by contacting people by email and requesting them to provide personal information or click on malicious links
- An email address can be spoofed. Don’t open attachments or click on the links within any unsolicited emails you receive, and never respond to emails that ask for your personal or financial details.
- The sender’s name and number in a text message can be spoofed, so even if the message appears to be from an organisation you know of, you should still exercise caution; particularly if the texts are asking you to click on a link or call a number.
- Don’t disclose your personal or financial details during a cold call, and remember that the police and banks will never ring you and ask you to verify your PIN, withdraw your cash, or to transfer your money to another “safe” account.
We would also reiterate our general cyber security advice, which people can apply to their own personal data and computer devices:
- Ensure you have strong passwords, being at least 10 characters long, using a mixture of upper and lower case characters, and including numbers and symbols.
- Use a different password for different websites you visit.
Sign up for free to Action Fraud Alert to receive direct, verified, accurate information about scams and fraud in your area by email, recorded voice and text message.
ActionFraud is the UK’s national fraud and cyber crime reporting centre.
We provide a central point of contact for information about fraud and cyber crime.
The easiest way to report fraud and cyber crime is by using our online reporting tool.Report
Latest News from
Rise in reports of fake Sainsbury’s refund email17/01/2018 14:20:00
Fraudsters are sending out fake Sainsbury’s gift vouchers via email, with 15 reports received from members of the public recently.
UK victims defrauded by fraudsters via Western Union transfers may be eligible for refund16/01/2018 13:52:00
Action Fraud is contacting around 22,000 UK victims who have made a report of fraud in which they stated that the method of transfer for payments involved a money transfer via Western Union.
Fake NatWest text messages appearing in message threads11/01/2018 13:20:00
We have received reports about fraudsters sending out a range of messages purporting to be from NatWest that lead to websites harvesting personal banking information.
UBS fraudsters offering fake shares in Airbnb09/01/2018 15:15:15
Following the news of Airbnb’s initial public offering (IPO), fraudsters claiming to be from Swiss Bank UBS are trying to trick victims into investing in Airbnb stocks and shares.