The massive data breach of consumer credit reporting giant Equifax gets worse as an additional 2.4 million customers are now revealed to be impacted by the breach.
The ongoing investigation and analysis of 2016’s massive data breach has revealed that an additional 2.4 million US consumers have had their names and driver’s license details stolen. These consumers weren’t identified during last year’s forensic analysis since the current examination involved leveraging the Social Security Numbers (SSNx) and names used as ‘key elements to identify’ those impacted by the cyberattack.
Equifax insists that the newly identified customers haven’t had their SSNs stolen alongside their driver’s license information.
“This is not about newly discovered stolen data,” said Paulino do Rego Barros, Jr., Interim Chief Executive Officer at Equifax. “It’s about sifting through the previously identified stolen data, analyzing other information in our databases that was not taken by the attackers, and making connections that enabled us to identify additional individuals.”
This isn’t the first time Equifax has expanded the estimate of the data breach, initially pegged at 143 million consumers. Come October 2017, the company raised its estimate by a further 2.5 million to 145.5 million.
The admission comes at a time of increasing scrutiny by Washington into the company.
“I spent five months investigating the Equifax breach and found the company failed to disclose the full extent of the hack,” Senator Elizabeth Warren (D-Mass.) said following the latest reveal. “Enough is enough. We have to start holding the credit reporting industry accountable.”
Meanwhile, Equifax insists it will reach out to notify newly identified US consumers about identity theft protection and credit file monitoring services that will be offered to them.
Image credit: Pixabay.