Credit monitoring giant Equifax has sent a letter to several US Congressional committees admitting that additional thousands of Americans’ driving licenses and passport information were also compromised during last year’s mega breach.
In the letter, Equifax said that some 38,000 drivers’ licenses and 3,200 passport details had also been compromised during the breach that exposed the details of 146.6 million customers. To be clear, that’s an addition to the personal details of nearly half the American population that the company has fessed up to prior to the recent disclosure.
In analyzing the breach through a forensic firm further, the company discovered that hackers had targeted more document categories. An additional 12,000 social security and 3,000 government identification documents including military IDs and resident alien cards were also impacted by the breach.
In the letter, the company wrote:
“In response to governmental requests for additional information, the company recently analysed the dispute documents stolen in the cybersecurity incident and determined the approximate number of valid US government-issued identifications that had been uploaded to the dispute portal.”
In total, the company summed up the startling impact of the breach that saw hackers siphon away 146.6 million names, 146.6 million dates of birth, 145.5 million social security numbers, a total of 99 million residential addresses and some 209,000 card numbers.
“With assistance from Mandiant, a cybersecurity firm, forensic investigators were able to standardise certain data elements for further analysis to determine the consumers whose personally identifiable information was stolen,” Equifax added.
The company said it had notified customers impacted by the breach individually and wasn’t required to comply with a broad disclosure upon delivery.
Image credit: Pexels.