Equifax peeks under couch, finds 2.4 million more folk hit by breach

It's OK, it was only partial driving licence information

By Rebecca Hill

Posted in Security, 1st March 2018 17:02 GMT

Embattled credit-reporting company Equifax has done some data crunching and discovered another 2.4 million people that had their information slurped by hackers.

The biz, which was subject to one of the biggest data breaches in US history last May, has already had to revise up the number of affected individuals.

The total stood at 145 million in the US and hundreds of thousands in the UK and Canada – but it's now found a few more people that previously escaped its "forensic" testings.

In a statement released today, Equifax said that ongoing analysis of the stolen data had allowed it to confirm the identities of an additional 2.4 million folks in the US who had partial driving licence information taken.

"This information was partial because, in the vast majority of cases, it did not include consumers' home addresses, or their respective driver's license states, dates of issuance, or expiration dates," the statement said.

Equifax hack worse than previously thought: Biz kissed goodbye to card expiry dates, tax IDs etc

READ MORE

The business said that it had – as recommended by forensic experts – focused its initial assessments on Social Security Numbers and names as a way of identifying who was affected by the hack.

The newly identified batch of people, however, did not have their SSNs stolen so weren't picked up by the previous investigations.

Equifax's interim boss Paulino de Rego Barros said in a statement that the announcement "is not about newly discovered stolen data".

Rather, he said, it was about "sifting through the previously identified stolen data" and comparing it with information in the business's database that was not stolen to identify people who had previously slipped through the net.

These people – who had presumably until now thought they were off the hook – will be contacted directly and offered free identity theft protection and credit file monitoring services.

The company is to report its fourth quarter results tomorrow. ®

Sign up to our NewsletterGet IT in your inbox daily

33 Comments

More from The Register

Cambridge Analytica seeks data protection assistant

Jobseeker? You may have heard of it...

UK.gov's Brexiteers warned not to push for divergence on data protection laws

As PM lacks specifics on UK’s desired ‘adequacy-plus’ deal

Uber hack: EU data protection bods launch taskforce

Justice commissioner slams biz for 'irresponsible' behaviour

Big tech wants the ICO on EU data protection board in Brexit fallout

Watchdog keeping voting rights 'huge gain' for marketing sector, say Facebook, Google et al

UK regulator moots data protection sandbox for organisations to play in

ICO strategy outlines plans to slurp up academic expertise

Austrian privacy chief handed leash to EU's data protection beast

Group warms up for greater powers once GDPR hits

Facebook smartmobe app's pre-ticked privacy settings violate German data protection law

Court favours consumer group in long-running dispute

Don't sweat Brexit, big biz told: Your shiny data protection sticker will remain intact

Survey reveals GDPR training and investment is on the rise

UK.gov told: Scrap immigration exemption from Data Protection Bill or we'll see you in court

Campaigners say proposed law would create a 'discriminatory' system for data access rights

Irish eyes are sighing: Data protection office notes olagoanin'* up 79%

Annual report reveals boost in complaints, breach notifications