Equifax hack put more info at risk than consumers knew
The Equifax data breach exposed more of consumers’ personal information than the company first disclosed last year, according to documents given to lawmakers.
The credit reporting company announced in September that the personal information of 145.5 million consumers had been compromised in a data breach. It originally said that the information accessed included names, Social Security numbers, birth dates, addresses and – in some cases - driver’s license numbers and credit card numbers. It also said some consumers’ credit card numbers were among the information exposed, as well as the personal information from thousands of dispute documents.
However, Atlanta-based Equifax Inc. recently disclosed in a document submitted to the Senate Banking Committee, which was shared with The Associated Press, that a forensic investigation found criminals accessed other information from company records.
That included tax identification numbers, email addresses and phone numbers. Finer details, such as the expiration dates for credit cards or issuing states for driver’s licenses, were also included in the list.
The additional insight into the massive breach was first reported by the Wall Street Journal.
Equifax’s disclosure, which it has not made directly to consumers, underscores the depth of detail the company keeps on individuals that it may have put at risk. And it adds to the string of missteps the company has made in recovering from the security debacle.
Equifax spokeswoman Meredith Griffanti said that “in no way did we intend to mislead consumers.” The company last year disclosed only the information that affected the greatest number of consumers and wanted to “act with the greatest clarity” in terms of the information provided the committee, she said.