Last year, Equifax made headlines when 145 million records were exposed. Now, reports say that the breach is worse.
More than 145 million Americans were exposed when hackers gained access to their personal information. We mentioned this breach while discussing the Alteryx data leak which exposed 123 million Americans. The breach exposed names, social security numbers, and even drivers licenses. It’s hard to believe the news could get any worse.
It did get worse.
According to CNBC, Equifax handed documents over to the American government pertaining to the breach. The documents painted a much more grim picture of what happened in the breach. From the report:
However, Atlanta-based Equifax recently disclosed in a document submitted to the Senate Banking Committee, that a forensic investigation found criminals accessed other information from company records. According to the document, provided to The Associated Press by Sen. Elizabeth Warren’s office, that included tax identification numbers, email addresses and phone numbers. Finer details, such as the expiration dates for credit cards or issuing states for driver’s licenses, were also included in the list.
The additional insight into the massive breach was first reported by the Wall Street Journal.
Equifax’s disclosure, which it has not made directly to consumers, underscores the depth of detail the company keeps on individuals that it may have put at risk. And it adds to the string of missteps the company has made in recovering from the security debacle.
Equifax spokeswoman Meredith Griffanti said that “in no way did we intend to mislead consumers.” The company last year disclosed only the information that affected the greatest number of consumers and wanted to “act with the greatest clarity” in terms of the information provided the committee, she said.
This latest revelation will no doubt add to the controversy swirling around the company. Earlier this month, the Trump administration decided to halt the probe into the Equifax data breach.
Back in September, executives working for Equifax learned of the breach. In a controversial move, the executives sold their stocks in Equifax before revealing the breach to the public likely knowing full well that the stocks would slide after such an announcement.
The latest revelation will no doubt motivate some in the security community to demand better disclosure laws. This is, after all, the latest example of private companies not disclosing the full extent of a breach. In the end, consumers are the ones being hurt in all of this.
Either way, this is not likely going to make Equifax look any better in the eyes of the American public.
Drew Wilson on Twitter: @icecube85 and Google+.