Equifax troubles deepen
Another 2.4M people hit by breach last year.
Equifax said Thursday that 2.4 million more people than it previously believed were affected by its massive data breach last year, the second time it has revised up estimates of the number of Americans whose information was stolen.
The company said hackers stole partial driver’s license information from this latest group of victims. The news brings the total number of Americans affected by the breach, which occurred between May and July, to about 148 million.
The driver’s license information stolen did not include home addresses or states, dates of issuance or expiration dates, the credit reporting agency said.
“This is not about newly discovered stolen data,” said Equifax CEO Paulino do Rego Barros Jr. “It’s about sifting through the previously identified stolen data, analyzing other information in our databases that was not taken by the attackers, making connections that enabled us to identify additional individuals.”
Equifax said it would notify the newly identified consumers and offer them identity theft protection and credit monitoring services at no cost.
The company had not previously identified these customers because their Social Security numbers were not stolen. Equifax identified previous victims of the attack through Social Security numbers and names. Hackers were chiefly trying to swipe Social Security numbers, the company said.
In September, Equifax initially reported that 143 million consumers were affected by the cybersecurity attack. It said Social Security numbers, birth dates, addresses and, in some cases, driver’s license numbers were stolen.
In October, it revised up its estimate of the number of people affected by 2.5 million, saying the additional accounts were discovered through a cybersecurity firm’s forensic review.