After compromising over 145 million people’s financial data records, Equifax responds by producing an app…
coronavirus contact tracing data app data breach risks

After compromising over 145 million people’s financial data records, Equifax responds by producing an app…

Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.

Start Your Claim
Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

Equifax have faced heavy criticism for a series of failings around the data breach that exposed over 145 million people’s personal data records, with almost 700,000 Brits caught up in the scandal. It was bad enough that a company responsible for credit referencing was easily hacked, especially given that the hack was down to Equifax failing to patch a known security vulnerability.

Their handling of the breach has been heavily criticised by authorities, experts and regulators. There are allegations of delays and failures to report the breach; an arguably dangerous website set up for people to check whether they were affected (which fraudsters can copy to lure people to give away information); and now an app, which is arguably one of worst offenders in terms of breaches and leaks of information.

Why are we concerned about an app?

We’re not saying that any app they produce will not be secure, but given apps are notorious for breaches, and given that the whole mess started in the first place because of a failure to patch a known security vulnerability, it’s understandable to have concerns. Only a few days ago, cybersecurity firm Appthority warned that a simple coding error in at least 685 apps means hackers can intercept the mobile device’s calls and messages. This shows how easy it is for things to go wrong and even companies with strong cybersecurity are not safe; so, where does that leave Equifax?

About the new Equifax app

Equifax has produced a new app for customers to apparently “protect the power of your credit.” Coming from a firm that failed to protect the information of 145 million people in the U.S, Canada and the U.K., Equifax may have to forgive customers who are less than enthusiastic about downloading the app…

When a company’s website says “think your business is safe from a data breach? Think again!” You can see why the irony of this serious breach is somewhat remarkable, and the creation of an app may lead to further worry.

Of course, we know no one is 100% safe from a breach, but there is plenty that can be done. It’s fair to say that data breaches can happen to anyone and that no security system is completely impenetrable. However, this is exactly why steps need to be taken to reduce the risk of a breach and to mitigate any damage done, and one of the key steps is to minimise exposure. Patching known vulnerabilities is the bread and butter of cybersecurity, as is lessening the ways you can be breached.

Why creating the app may not be a smart move right now

An app can arguably increase your data risks, and given they’re notorious for breaches, it’s fair to question whether this is a smart move by Equifax given the huge breach they’ve just suffered.

Fraudsters could also create their own app and try and pass it off as the Equifax one and lure people to inadvertently give away their information. As we said at the start of the blog, Equifax created a website for people to check if they were affected by the breach, which was met with huge criticism from cybersecurity experts because fraudsters could create their own similarly-named websites and try and pass off as the legitimate one. In fact, a security researcher did just that to prove a point, and the official Equifax twitter feed started accidentally linking people to the dummy site set up by the researcher.

His point was well and truly proven!

So, the creation of the app – especially just after a breach – has raised eyebrows.

Mobile app vulnerabilities

Mobile applications are vulnerable for a variety of reasons, including:

  • Security flaws in the coding which hackers can identify and exploit to gain access to protected information
  • Insufficient data handling can mean encrypted files aren’t protected properly from malware attacks
  • Lack of transport layer protection can lead to the connection between the device and the information not being secure, and easily lead to it being compromised

A study by top cybersecurity firm IOActive revealed that security standards for mobile apps are reportedly decreasing. Equifax will have to make a stellar job of creating a robust app that’s correctly programmed to withstand attacks or leaks. Given how this recent hack happened in the first place, we think concerns about their new app are understandable.

Our team has received a number of enquiries from people affected by the Equifax Data Breach. We’ve already taken cases on, and if you’ve been affected by the Equifax hack, contact us today for help and advice. You may be entitled to financial compensation as a victim of the Equifax breach.

Start Your Claim

You can call our claims team free from a landline or mobile on 0800 634 7575 or click on the link below to create a call back with one of our expert Data Claims team.Information on how we handle your data is available in our Privacy Policy.

We offer genuine No Win, No Fee agreements for our clients. Why we do this is simple:

Leading Data Breach Lawyers
Our experience speaks for itself.
We will fight for your right to compensation.
Access to Justice
As a victim of a data breach or hack, you deserve your chance to get access to justice.
Risks Assessment
We carefully risk assess your case and take it on if we think we have a good chance of winning the claim.

Request A Callback From Our Team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

Contact is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'
arrow-up icon