NCSC advice for Equifax customers

Created:  09 Sep 2017
Updated:  10 Oct 2017
Advice for Equifax customers affected by the recent cyber incident.

Equifax has today confirmed that a file containing 15.2m UK records dating from between 2011 and 2016 was attacked in the cyber incident that took place in May 2017.

If you have been told by Equifax that security details from your membership account – such as password and secret questions - have been accessed, you should ensure those details are not used on any other accounts. NCSC advises that passwords are managed carefully across online services and more information can be found on the NCSC website.   

Another risk to UK citizens affected by this data breach is that they could be on the receiving end of more targeted and realistic phishing messages. Fraudsters can use the data to make their phishing messages look much more credible, including using real names and statements such as:

'To show this is not a phishing email, we have included the month of your birth and the last 3 digits of your phone number'.

These phishing messages may be unrelated to Equifax and may use more well-known brands. It is unlikely that any organisations will ask their customers to reset security information or passwords as a result of the Equifax breach, but this may be a tactic employed by criminals. The NCSC guidance on protecting yourself from phishing still applies.

Usually, if you are the target of a phishing message, your real name will not be used.  However, in this case, if fraudsters have your name, people will need to be extra vigilant around any message that purports to be from an organisation they deal with - especially when there are attachments or links which take people to sites asking for more personal information.

Fraudsters may also call. If you do receive a phone call that is suspicious - for example by asking you for security information - do not divulge any information, and hang up. Next, pick up the phone and make sure there is a dial tone to ensure the caller is not still on the line. You should then contact the organisation the caller claimed to be from – never using the details they provided during the call.

The NCSC, with Equifax and partners including the NCA, ICO and FCA, continues to examine this incident and should further information come to light about the extent and nature of the impact on the UK, we will provide further updates and advice as soon as we can.

Members of the public can report a cyber incident using Action Fraud’s online fraud reporting tool anytime of the day or night, or call 0300 123 2040. For further information visit

Was this news helpful?

We need your feedback to improve this content.

Yes No