In a recent disclosure, Equifax revealed 2.5 million more Americans than initially believed may have been affected by the historic data breach, bringing the tally to 145.5 million people affected consumers. Earlier in September, the firm said that the hackers swiped heaps of valuable data of millions of consumers in July including names, social security numbers, dates of birth, addresses, credit card numbers and other information.
Equifax hired a cybersecurity firm Mandiant to investigate the breach, found that 2.5 million more US consumers were potentially impacted by the massive breach. Later in a statement released by Equifax on Wednesday,2 October said that the firm did not identify any evidence of new or additional hacking activity or unauthorized access to new databases or tables.
The newly appointed interim CEO, Paulino do Rego Barros, Jr said – “I was advised Sunday that the analysis of the number of consumers potentially impacted by the cybersecurity incident has been completed, and I directed that the results be promptly released. Our priorities are transparency and improving support for consumers. I will continue to monitor our progress on a daily basis.”
There also was a correction made on the part of Equifax who had earlier disclosed that data of about 100000 Canadians may have been compromised in the breach. The revised figures show that around 8000 potential Canadians were victims of the attack who will be notified by the firm via email.
As far as the UK consumers are concerned the company said it is “continuing discussions with regulators in the United Kingdom regarding the scope of the company’s consumer notifications as the analysis of the completed forensic investigation is completed”.
Adding further Barros said – “I want to apologize again to all impacted consumers. As this important phase of our work is now completed, we continue to take numerous steps to review and enhance our cybersecurity practices. We also continue to work closely with our internal team and outside advisors to implement and accelerate long-term security improvements.”
These disclosures by Equifax has drawn fierce criticism from consumers and lawmakers. Numerous lawsuits and probes have been slapped on the firm by the US states, Congress and the Justice Department. The company has also faced severe criticism after it revealed that three of its executives sold almost $2m worth of company stock just days after the company found out about the attack, but before it was publicly disclosed.
Former CEO Richard Smith who also is company’s chief information officer and chief security officer has retired. He is scheduled to testify this week on Capitol Hill before multiple Senate and House committees.