UNITED STATES

SECURITIES AND EXCHANGE COMMISSION

Washington, D.C. 20549

 

 

FORM 8-K

 

 

CURRENT REPORT

Pursuant to Section 13 or 15(d) of the Securities Exchange Act of 1934

Date of Report (Date of earliest event reported): October 11, 2017

 

 

Equifax Inc.

(Exact Name of Registrant as Specified in Charter)

 

 

 

Georgia    001-06605    54-0401110

(State or Other Jurisdiction

of Incorporation)

  

(Commission

File Number)

  

(IRS Employer

Identification No.)

 

1550 Peachtree Street, N.W.

Atlanta, Georgia

   30309
(Address of Principal Executive Offices)    (Zip Code)

Registrant’s telephone number, including area code: (404) 885-8000

Not Applicable

(Former Name or Former Address, if Changed Since Last Report)

 

 

Check the appropriate box below if the Form 8-K filing is intended to simultaneously satisfy the filing obligation of the registrant under any of the following provisions:

 

Written communications pursuant to Rule 425 under the Securities Act (17 CFR 230.425)

 

Soliciting material pursuant to Rule 14a-12 under the Exchange Act (17 CFR 240.14a-12)

 

Pre-commencement communications pursuant to Rule 14d-2(b) under the Exchange Act (17 CFR 240.14d-2(b))

 

Pre-commencement communications pursuant to Rule 13e-4(c) under the Exchange Act (17 CFR 240.13e-4(c))

Indicate by check mark whether the registrant is an emerging growth company as defined in Rule 405 of the Securities Act of 1933 (§ 230-405 of this chapter) or Rule 12b-2 of the Securities Exchange Act of 1934 (§240.12b-2 of this chapter).

Emerging growth company  ☐

If an emerging growth company, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 13(a) of the Exchange Act.  ☐

 

 

 


Item 7.01. Regulation FD Disclosure.

Equifax Ltd. (UK) (“Equifax UK”), a subsidiary of Equifax Inc. (the “Company”) has confirmed that, following the completion of an independent investigation into the cybersecurity incident previously disclosed by the Company on September 7, 2017, and with agreement from appropriate UK investigatory authorities, Equifax UK has begun corresponding with 693,665 affected UK consumers. Equifax UK disclosed that a file containing 15.2 million UK records dating from between 2011 and 2016 was attacked in the previously disclosed cybersecurity incident. The file contained data relating to actual consumers as well as sizeable test datasets, duplicates and spurious fields. Equifax utilized analytical tools, techniques and data assets in order to establish actual consumer identities and attribute a current home address to them. This complete, Equifax UK has been able to place consumers into specific risk categories and define the services to offer them, in order to protect against those risks and send letters to offer them Equifax and third-party safeguards. This work enabled Equifax UK to confirm that it will need to contact 693,665 consumers by post. Details are set forth below. The balance of the 14.5 million records potentially compromised may contain the name and date of birth of certain UK consumers, although the Company does not believe this introduces any significant risk to such individuals. The analysis of all potentially affected data relating to UK subjects is now complete, and there are four groups of consumers to whom Equifax UK will be writing:

 

•    12,086 consumers who had an email address associated with their Equifax.co.uk account in 2014 accessed;

 

•    14,961 consumers who had portions of their Equifax.co.uk membership details – such as username, password, secret questions and answers and partial credit card details - from 2014 accessed;

 

•    29,188 consumers who had their driving license number accessed; and

 

•    637,430 consumers numbers accessed who had their phone.


SIGNATURE

Pursuant to the requirements of the Securities Exchange Act of 1934, the registrant has duly caused this report to be signed on its behalf by the undersigned hereunto duly authorized.

 

Equifax Inc.
By:   /s/ John J. Kelley III
Name:   John J. Kelley III
Title:  

Corporate Vice President, Chief Legal Officer

and Corporate Secretary

Date: October 11, 2017