The information in question is name, date of birth, email address and a telephone number – and was stored in the US between 2011 and 2016.
Equifax’s US data breach may have affected 400,000 UK customers – and the credit report firm plans to contact those at risk.
The potentially stolen information is names, date of births, email addresses and telephone numbers – which were stored in the United States between 2011 and 2016.
They were stored in the US due to a process failure, which was corrected in 2016.
The firm’s UK systems were unaffected.
Patricio Remon, president at Equifax, said: “We apologise for this failure to protect UK consumer data.
“Our immediate focus is to support those affected by this incident and to ensure we make all of the necessary improvements and investments to strengthen our security and processes going forward.”
Equifax will contact up to 400,000 UK customers with a free identity protection service allowing them to monitor their personal data, including their credit information.
The service will incorporate web and social media monitoring alerting the consumer to any publicly available information about them.
Equifax will also provide links to services provided by other UK regulated organisations.
Equifax is in contact with the Financial Conduct Authority and Information Commissioner’s Office in what is an ongoing investigation.