All case studies

Case study

Equifax

Contact

May 2018

Equifax Data Breach Scandal

# I. What happened?

On September 7, 2017, the US-based consumer credit reporting agency Equifax announced that a cyber-attack on its computer systems between May and July 2017 had enabled hackers to access the personal data of about 143 million people in the US. By September 21, Equifax shares had plummeted by 33 percent following reports that the cyber criminals had been able to access full names, social security numbers, birth dates, and addresses, allegedly leaving consumers vulnerable to identity theft.

Although the attack reportedly began in mid-May, the CEO of Equifax claimed that the company had only discovered the breach on July 29, 2017.

A week after Equifax announced the data breach in the US, the security of the internal portal of Veraz, the company’s Argentinian operation, was found to be vulnerable, as the records of thousands of customers could allegedly be accessed by using the word “admin” as both the login and password. It was claimed that the weakness could lead to a breach of the personal data of more than 100 employees and 14,000 customers from Argentina.

Equifax’s troubles worsened when it came to light that its Chief Financial Officer and two other senior executives had sold shares in the company worth USD 1.8 million on August 1, 2017, just days after Equifax discovered the cyber-attack, and more than a month before the breach was made public. The discovery prompted the US Department of Justice (DOJ) to launch an investigation into the possible violation of insider trading regulations. On September 15, the company’s Chief Information Officer and Chief Security Officer announced that they would be resigning with immediate effect. One week later, on September 26, 2017, Equifax’s CEO also announced his resignation.

On October 2, 2017, Equifax admitted that 145.5 million Americans had been affected by the US data breach, 2.5 million more than previously thought. Two weeks later, Equifax announced that the breach had affected approximately 694,000 customers in the UK, as well as clients in Canada.

Please enter your details to read this case study

Continue

Topics

Equities Governance issues Public markets

Recommended articles

January 25, 2023
Biodiversity Energy Environmental issues Human rights Social issues

Oleoducto de Crudos Pesados (OCP) | Ecuador

Understanding an infrastructure project’s interface with protected areas, biodiversity, and endangered species previously involved an enormous amount …
July 19, 2021
ESG due diligence Governance issues Human rights Public markets Social issues

WeWork

WeWork opened its first shared workspace in New York City in 2010, shortly after its founding. The company then expanded its operations to 425 …
August 06, 2020
ESG due diligence Equities Governance issues Public markets

Luckin Coffee

Legal experts interviewed by Pengpai News estimated that Luckin could face an estimated CNY 75.4 billion (USD 10.8 billion) in legal liabilities for …
Receive our latest research, insights, news, and more
Sign up to mailing list