Equifax said it began notifying the customers most exposed by letters posted on October 13. "Consumers who have potentially had their driving licence numbers or...
Two points spring to mind: firstly are they only notifying those "most" exposed? What about those "slightly" exposed? Secondly, how the hell did Equifax get hold of Driving lIcence numbers, and why? Were they willingly handed over by the owners themselves?
I fnd myself wondering if the FCA and ICO should be laying down the law and stipulating what data may be requested (and thus stored ready for later theft) and what data must not. Exactly how Equifax obtained this (sort of) information must be the subject of a specific enquiry. What else was sitting there pending misappropriation?