Equifax data breach exposed more info than initially reported

Hackers have stolen more information during Equifax data breach than initially expected

Equifax data breach exposed more personal data than initially thought

It seems that Equifax data breach[1] may turn out to be even worse than the forensic investigation revealed. Officially reported in July 2017 Equifax is considered to be one of the biggest data breaches of the 21st century. Cyber criminals have stolen personal data[2] of 145.5 million consumers pushing them into a huge risk of identity theft.

In September, the company shared a credit indicating the number of victims and the kind of personal data that has been leaked to criminals. Names, social security numbers, birth dates, addresses, and the numbers of driver's licenses have been reported for massive disclose. Besides, credit card numbers for about 209,000 U.S. customers were also exposed.

However, recently a document submitted to Senate Banking Committee by Atlanta-based Equifax Inc.[3] indicates much different Equifax data breach results. According to the report, it turns out that Equifax might have initially disclosed only personal information that was stolen massively and affected the highest number of US consumers.

Equifax did not disclose all information that was stolen during hack up until now

According to the initial document that was provided to The AP by Senator Elizabeth Warren’s (D-MA) office in September 2017, Equifax hack leaked Social Security numbers, birth dates, addresses, driver's licenses, and credit card details on a massive scale.

However, the statistics outlining the results of Equifax data breach disclosed in a recent Atlanta-based Equifax Inc. document do not match with the one provided in the forensic company's records.[4]

Elizabeth Warren, a credit reporting bureau, admitted that the range of stolen data is far more extensive than reported last year. The ultimate list of personal information leaked includes:

  • passport numbers
  • Social Security numbers
  •  first, last, and middle names and suffixes
  • gender
  • home addresses and phone numbers
  • driver’s license numbers
  • the date the driver's license was issued and the state issuing them
  •  date of birth
  • credit card numbers
  • credit card's expiration date
  • “CV2” security numbers
  •  tax ID numbers
  • email addresses

However, Equifax spokeswoman insists that not all 145.5 million US customers were affected. Griffanti also points out that this list includes a potential data points that might have been leaked by crooks, but not all 145.5 million were affected. According to her, data like passport numbers were not stolen at all.[5]

Equifax's behavior causes customers' anger

Although hackers attacked Equifax in Jul 2017, the crime was officially reported in September – almost two months after. As for now, the company is suspected of attempts to hide some pieces of information that were leaked to during the hack.

Instead of “act[ing] with the greatest clarity” by not disclosing a complete list of data leaked, Equifax increases the fuss among US customers and raises anger for not being conscientious. As company's spokeswoman Meredith Griffanti asserts, “in no way did we (Equifax) intend to mislead consumers.”

About the author
Gabriel E. Hall
Gabriel E. Hall - Passionate web researcher

Gabriel E. Hall is a passionate malware researcher who has been working for 2-spyware for almost a decade.

Contact Gabriel E. Hall
About the company Esolutions