Business & Tech

Equifax political fallout deepens with UK lawmaker’s questions

LONDON — Equifax Inc.’s political troubles have expanded, as a top Parliament lawmaker demanded information from the company and its British regulator about the hack that exposed sensitive data for nearly 700,000 UK consumers.

Nicky Morgan, chairwoman of the Parliament’s Treasury Committee, asked the chief executive of the company’s UK unit in a letter on Wednesday for details about the scale of the breach; how much credit information was compromised; and the firm’s plans to compensate individuals. Morgan also questioned when the company first became aware of the breach and said the committee would consider holding a public hearing if it doesn’t receive adequate answers.

“Equifax has taken too long to notify those affected by its widespread cybersecurity breach,” Morgan said in an e-mailed statement. “People have been left in the dark for too long, which has increased the risk that they fall victim to identity theft and fraud.”


In a separate letter to Andrew Bailey, chief executive of the UK Financial Conduct Authority, Morgan asked about the regulator’s options for enforcement actions given that the firm’s parent company is based in Atlanta. She asked whether rules had been broken in the “process failure” that transferred UK data to the United States and if such transfers compromised the FCA’s ability to protect consumers.

Get Talking Points in your inbox:
An afternoon recap of the day’s most important business news, delivered weekdays.
Thank you for signing up! Sign up for more newsletters here

Morgan questioned whether the FCA or the Information Commissioner’s Office was the most appropriate body to carry out an investigation and asked for an account of the way responsibilities are divided between the two authorities.

The FCA received the letter and will respond, according to a spokesman for the regulator. Spokespeople for Equifax in the United Kingdom and the United States didn’t immediately respond to requests for comment.

Equifax said in an earlier statement that it would need to contact UK consumers about the breach, and another million records were “potentially compromised.” Phone numbers, license numbers, and partial credit card details were among those breached, according to the statement.