Security

Equifax peeks under couch, finds 2.4 million more folk hit by breach

It's OK, it was only partial driving licence information

By Rebecca Hill

33 SHARE

Embattled credit-reporting company Equifax has done some data crunching and discovered another 2.4 million people that had their information slurped by hackers.

The biz, which was subject to one of the biggest data breaches in US history last May, has already had to revise up the number of affected individuals.

The total stood at 145 million in the US and hundreds of thousands in the UK and Canada – but it's now found a few more people that previously escaped its "forensic" testings.

In a statement released today, Equifax said that ongoing analysis of the stolen data had allowed it to confirm the identities of an additional 2.4 million folks in the US who had partial driving licence information taken.

"This information was partial because, in the vast majority of cases, it did not include consumers' home addresses, or their respective driver's license states, dates of issuance, or expiration dates," the statement said.

Equifax hack worse than previously thought: Biz kissed goodbye to card expiry dates, tax IDs etc

READ MORE

The business said that it had – as recommended by forensic experts – focused its initial assessments on Social Security Numbers and names as a way of identifying who was affected by the hack.

The newly identified batch of people, however, did not have their SSNs stolen so weren't picked up by the previous investigations.

Equifax's interim boss Paulino de Rego Barros said in a statement that the announcement "is not about newly discovered stolen data".

Rather, he said, it was about "sifting through the previously identified stolen data" and comparing it with information in the business's database that was not stolen to identify people who had previously slipped through the net.

These people – who had presumably until now thought they were off the hook – will be contacted directly and offered free identity theft protection and credit file monitoring services.

The company is to report its fourth quarter results tomorrow. ®

Sign up to our NewsletterGet IT in your inbox daily

33 Comments

More from The Register

Er, we have 670 staff to feed now: UK's ICO fines 100 firms that failed to pay data protection fee

Enforcing GDPR is expensive work, says watchdog

Campaigners call for immigration exemption in UK's Data Protection Act to be scrapped

Judicial review into law launched

Cambridge Analytica seeks data protection assistant

Jobseeker? You may have heard of it...

Reel talk: You know what's safely offline? Tape. Data protection outfit Veeam inks deal with Quantum

Magnetic strips barrier to ransomware, burble box-flingers

US tech circles wagons as India reviews data protection proposals

Ex-Cisco CEO-chaired lobby leading the charge

IT management software crowd Kaseya buys cloudy data protection crew Spanning

Private equity holdings shuffle

Why, hello Rubrik's Trello: Data protection biz leaves productivity tool open to world+dog

Anyone with URL could see lists of case study projects

Uber hack: EU data protection bods launch taskforce

Justice commissioner slams biz for 'irresponsible' behaviour

UK.gov's Brexiteers warned not to push for divergence on data protection laws

As PM lacks specifics on UK’s desired ‘adequacy-plus’ deal

Big tech wants the ICO on EU data protection board in Brexit fallout

Watchdog keeping voting rights 'huge gain' for marketing sector, say Facebook, Google et al