Security & Fraud

Equifax Gives Congress More Breach Data Information

Equifax, the embattled credit scoring company that was the subject of a massive data breach last fall, provided several congressional committees in the Senate and House with more information on the data compromised in the breach.

In a press release, Equifax said the additional details do not identify additional stolen data or new customers that were impacted, nor do they require more consumer notifications. Equifax said in the statement that the additional information provided to Congress includes how many U.S. consumers were impacted by each data element stolen. “Equifax announced in September of 2017 that the primary data stolen in the cybersecurity incident included names, Social Security numbers, birth dates, addresses and driver’s license numbers. In December, Equifax released the extensive list of data elements it had analyzed to Congress, and as part of its commitment to transparency with consumers, regulators, elected officials and customers, the company has now provided the approximate number of impacted U.S. consumers for each of those data elements,” the company stated in the press release.

Equifax said it also gave the congressional committees details on the images accessed by the hackers from the company’s dispute portal. That theft was previously disclosed, noted Equifax. “Equifax is confident that the additional detail about the 2017 cybersecurity incident does not identify new stolen data or newly impacted consumers and does not require additional consumer notification,” it stated.

The data breach, which impacted more than 145 million consumers, could turn out to be the most costly one for a public company. Not only did the company announced in late April that it was bringing on a new CTO and top security and IT talent, but it spent $68.7 million in the first quarter alone on expenses associated with the breach. The company so far has spent $242.7 million on breach costs, and more are likely to come, with Equifax in March predicting a further $275 million in related expenses. The breach could turn out to be the most expensive of all time, according to a Reuters report.


Featured PYMNTS Study: 

With eyes on lowering costs to improving cash flow, 85 percent of U.S. firms plan to make real-time payments integral to their operations within three years. However, some firms still feel technical barriers stand in the way. In the January 2020 Making Real-Time Payments A Reality Study, PYMNTS surveyed more than 500 financial executives to examine what it will take to channel RTP interest into real-world adoption. Here’s what we learned.