Equifax is being investigated by not one, but two authorities in the UK over its data breach last month that spilt details on some 15.2 million British people.
Both the Financial Conduct Authority (FCA) and the Information Commissioner's Office (ICO) are investigating the credit reference agency, according to Bloomberg, which notes that, in the case of the FCA, it can decide to fine Equifax as well as take away its authorisation to run credit checks in the UK.
"Hundreds of thousands of people in the UK have been affected by the Equifax data breach," said Nicky Morgan, chair of the House of Commons Treasury Committee. "The FCA is right to investigate the circumstances surrounding it."
A spokesperson for the UK's Information Commissioner's Office added: "It is a complex and fast-moving case and we are working closely with other UK regulators and our counterparts in Canada and the US."
Last month, Equifax said that around 400,000 people in the UK may have had their information stolen following the recent breach on its systems, noting that while its UK systems weren't accessed during the breach, a file containing consumer information "may potentially have been accessed".
However, the US firm revealed earlier this month that the real number was actually 15.2 million. Equifax noted that 14.5 million of the records breached, which dated from 2011 to 2016, did not contain information that would put British people at risk of identity theft.
Nevertheless, sensitive information affecting almost 700,000 consumers were accessed in the breach, including email addresses, passwords, driving license numbers and phone numbers. The data also included partial credit-card details of fewer than 15,000 customers.
Patricio Remon, president for Europe at Equifax, said: "Once again, I would like to extend my most sincere apologies to anyone who has been concerned about or impacted by this criminal act. Let me take this opportunity to emphasise that protecting the data of our consumers and clients is always our top priority.
"It has been regrettable that we have not been able to contact consumers who may have been impacted until now, but it would not have been appropriate for us to do so until the full facts of this complex attack were known, and the full forensics investigation was completed."
And, yep, it'll run Android rather than RiscOS
US engineering giant's cost-cutting outsourcing plan is on the rocks, according to insiders
HP Envy X2 laptop only affordable if you've got loadsamoney
Counterfeit code-signing certificates enabling hackers to hide malware being sold by cyber criminals
Certificates can be used as part of layered obfuscation to evade detection by anti-virus software