More Info Leaked from Equifax Hack than Originally Reported

So many people were devastated to learn of the Equifax hack last year. We discovered that when the credit rating agency was breached, the names, account information, social security numbers, birth dates, and driver’s license numbers were stolen.

All of this meant that the hackers had access to the financial lives of all these users. It was very frightening to many people, and not just Equifax users. And now the news has gotten even worse. It’s being reported that the September news of the situation didn’t include all the information. There was even more leaked than previously reported.

news-equifax-hoodie2

A document submitted to the Senate Banking Committee explains there was even more personal information leaked than previously thought. While the total number of Equifax customers that were affected has not changed. A forensic investigation found that additional personal information was accessed.

Equifax submitted a document to the Senate Banking Committee, and that was given to The Associated Press by Sen. Elizabeth Warren’s office.

People’s names, account information, social security numbers, birth dates, and driver’s license numbers weren’t the only info leaked. It also included tax identification numbers, email addresses and phone numbers. There was also deeper information leaked, such as credit card expiration dates and driver’s license issuing states.

Meredith Griffanti, Equifax spokeswoman, promises that “in no way did we intend to mislead consumers.” What they originally disclosed last September affected the most people, and they were acting “with the greatest clarity” with the information they gave the committee.

Additionally, Griffanti points out that this extra info Equifax is admitting to now affected very few consumers. Also, there was some info that was not stolen, such as passport numbers.

“When you are making that kind of announcement, where do you draw the line? If you saw the list we provided the banking finance committee, it was pretty exhaustive,” Griffani added. “We wanted to show them that no stone was left unturned.”

news-equifax-hack-lock

The company has worked at making changes since the original announcement back in September that there had been a leak of information. They have replaced their CEO and have spent plenty of money attempting to fix the breach as well as rectify it.

Just last month it started a new service that will allow users to lock and unlock their credit report. The New York Times tested the site, however, and they found it unusable in several ways. Equifax says that situation was an exception and that it has initiated changes to this service in the meantime.

Despite all this, they are also dealing with regulatory investigations into the hack on top of consumer lawsuits estimated to number in the hundreds. And on February 7 Sen. Warren released a report regarding the hack and noted that it was “one of the largest and most significant data security lapses in history.”

This puts consumers in a difficult position. Certainly, this is a big, bold warning to protect your information online at all costs, especially the information you can’t change. If your password is stolen, you can create another. If your social security number is stolen, it’s not something you can change. It’s a done deal. So be very careful who you choose to share all your information with, especially your more sensitive info.

What are your thoughts regarding this announcement that even more data was included in the Equifax hack? Did the original announcement cause you to make changes? Will you make even more changes now? Let us know your thoughts in the comments section below.

7 comments

  1. “there was some info that was not stolen, such as passport numbers.”
    Whoop-de-freaking-do!!! Thank heavens for little favors.

    “this is a big, bold warning to protect your information online at all costs”
    WHAT exactly can the consumers do to protect their information stored IN CORPORATE databases???!!!

    “So be very careful who you choose to share all your information with”
    In spite of how important we think the data is that we provide willingly, it is almost of no consequence in importance to the data being stored in corporate databases. You are laboring under the mistaken belief that you and I and 140 million other consumers had ANY choice about sharing the information stolen from Equifax. That information was collected WITHOUT our permission and WITHOUT our knowledge. The really scary and alarming thing about this is that there are hundreds, if not thousands, of entities, both corporate and government, that collect the most sensitive data about us without our knowledge and permission. We have ABSOLUTELY NO choice in the matter.

    “What are your thoughts regarding this announcement that even more data was included in the Equifax hack?”
    Equifax, along with the other two credit agencies, make life-altering decisions about our financial lives. They must be have the trust of all that are using them. If it were up to me, I would apply the death penalty, i.e. force Equifax out of business. AFAIAC, Equifax has lost its usefulness. They no longer trustworthy.

    The one and only and overarching question that must be asked about the hundreds of corporations that have succumbed to theft of data from their databases, a question that should have been asked years ago when the first breaches occurred is DON’T THESE COMPANIES DO SECURITY AUDITS AND STRESS-TEST THEIR DATABASE SECURITY???

    Firing the CEO is a mostly meaningless gesture. He probably got a golden parachute anyway. Instead of firing the CEO, the CIO and those responsible for data security, they should be fired upon by a firing squad. Unless there are serious consequences to pay for the data breaches, there will be no serious effort to secure corporate databases.

    “Will you make even more changes now? ”
    Again, there are NO changes that I can make that will protect my data stored in somebody else’s database. It is THEIR responsibility and obligation to sufficiently secure it.

    • “That information was collected WITHOUT our permission and WITHOUT our knowledge. ”

      Well, if your information shows up at Equifax, they didn’t steal it out of your mouth. You shared it in some way, somehow, at somepoint. Perhaps not with Equifax, but it was shared somewhere for them to get it.

      • That’s right! Blame the vistim!
        Of course it’s all my fault.
        If I did not apply for credit cards, Equifax would not have my credit card numbers.
        If I did not apply for a passport, Equifax would not have my passport number.
        If I did not apply for loans, Equifax would not have my financial history.
        Etc. etc. etc.

        The only people who are supposed to know my passport number are me and the State Department. Since I have had NO contact with Equifax, and I would not provide them with the number even if the insisted, they must have obtained the number from that State Department database.
        Equifax compiled my financial history from the databases of various banks. Some of that data is esoteric, created and used only for use by banks and Equifax. You and I and the consumers would not even know that data existed so we could not share it with anybody even if we wanted to.

  2. This is a company, like so many others, that essentially profit from (illegal) data-mining. It is an industry problem made worse by the fact the our own government is engaged in the same (illegal) data-mining, data-sharing behavior.

    We’re not going to see an improvement in this area because the bad actors (gov, big tech, advertisers…) have invested our future into a scheme that puts everyone in constant jeopardy.

    Like Yahoo and countless others, any “investigation” is just for show. Has the fictitious “nation-state” been blamed for the hack already?

    We are in the very dark ages of technology – where abuse of power runs rampant, where there is no accountability and even less transparency. You can’t fix a problem when those making the rules rely on these problems to exist. It’s ugly out there when backdoors are a requirement at every stage of development.

  3. Here’s a novel idea; why don’t we blame the HACKER? After all, as long as an electronic ecosystem exists in any form, there will always be corrupt people — within and without the “system” (government, corporations, etc.) who will muck up the works, and laying all the blame at the feet of those whose business includes knowing some personal information is just a cop-out. As Ellie Sattler said in Jurassic Park, “Control IS the illusion”!

    • If you leave your doors unlocked and windows wide open, and your house is burglarized, isn’t that partly your fault? Sure, the burglar did the deed but if the doors and windows were locked and barred, he would not have been able to do it, or at least it would have been much harder for him.

      “laying all the blame at the feet of those whose business includes knowing some personal information is just a cop-out”
      Is it a cop-out? Don’t you think that it is incumbent on them to secure and protect that Information? Or are they just a”public library” where anybody can browse the information?

  4. There is little the individual can do to rectify the situation; close the barn door after the horse has left? It all begs the question of why this information is not protected by a right to privacy which the courts of this country have supposedly asserted is inherent in the Constitution. All the agencies that report to these credit bureaus should be required to obtain their customers permission before sharing one byte of information with another institution unless compelled to do so by a warrant or court order.

Leave a Comment

Yeah! You've decided to leave a comment. That's fantastic! Check out our comment policy here. Let's have a personal and meaningful conversation.

Sponsored Stories