Credit rating firm Equifax is being investigated by the UK’s Financial Conduct Authority (FCA) over a large data loss.
The FCA released a short statement announcing the investigation but did not provide further details.
Equifax said it welcomed the opportunity to “learn the lessons from this criminal cyber-attack”.
Earlier this month, the firm admitted that more UK customers had been hit by a cybersecurity incident between mid-May and the end of July this year.
It originally believed that fewer than 400,000 British people were affected, but it has now put the figure at 694,000.
An estimated 143 million US customers also had their data compromised.
Equifax has said that those affected may be at risk of “possible criminal activity”.
This may include identity theft and targeted scams.
“The FCA announces today that it is investigating the circumstances surrounding a cybersecurity incident that led to the loss of UK customer data held by Equifax Ltd on the servers of its US parent,” the regulator said in a statement.
“This statement is made given the public interest in these matters.”
Equifax said: “We welcome this opportunity to learn the lessons from this criminal cyber-attack in order for all businesses to better protect consumers in the future.”
Four groups of UK customers have so far been detailed by the firm:
- 637,000 whose phone numbers were stolen
- 29,000 whose driving licence numbers were stolen
- 15,000 who had some of their Equifax membership details, such as usernames and passwords, stolen
- and 12,000 whose email addresses were stolen
UK customers have been advised to phone Equifax for advice on 0800 587 1584.