The Number Of Equifax Breach Victims Increased By 2.5 Million
The latest news related to the Equifax security breach is that the credit reporting agency had initially underestimated the number of affected victims. According to recent findings by Mandiant, 2.5 million more Americans than what was initially reported have been affected. And now that Mandiant has completed its full review of the damage, Equifax has decided to warn these additional 2.5 million affected victims by mail.
Finally a Definite Answer From Equifax
The credit reporting agency has been very secretive about the security breach so far, refusing to even provide full details to its own company, fearing various consequences. Considering this, the fact that Equifax has finally decided to accept that 2.5 million more could have been affected by the hacking is a positive move from the company.
All American Clients
Clients of Equifax across the globe can breathe a sigh of relief because Mandiant has revealed that those additional 2.5 million affected by the hacking are all American clients. Therefore, Equifax clients outside of America, especially Canadians, need not fear. Moreover, the number of affected Canadians which was initially reported as 100,000, has since been revised to 8,000.
Mailing All Victims Not An Easy Task
Although Equifax is handling things better than it did earlier when it first came out with the security breach, there’s no doubt that mailing each of the affected victims is not going to be an easy task. In other words, it can be said that the manner in which Equifax has chosen to inform the affected victims is rather sloppy. And the fact that it has to do this before October 8th is only compounding its already existing problems.
Former CEO Richard Smith To Testify
Richard Smith, who just announced his retirement from Equifax last month after the security breach was disclosed, will testify in front of Congress starting Tuesday. Obviously, he’s expected to face the wrath of politicians who have expressed outrage over the fact that a company which is tasked with securing vast amounts of personal data could fail in an obvious task such as keeping their security software up to date.
In a prepared testimony, Richard Smith has been quoted as saying, “To each and every person affected by this breach, I am deeply sorry that this occurred. Whether your personal identifying information was compromised, or you have had to deal with the uncertainty of determining whether or not your personal data may have been compromised, I sincerely apologize. The company failed to prevent sensitive information from falling into the hands of wrongdoers”.
Meanwhile, Equifax’s newly appointed interim CEO Paulino do Rego Barros Jr, has been quoted as saying, “I want to apologize again to all impacted consumers. As this important phase of our work is now completed, we continue to take numerous steps to review and enhance our cybersecurity practices. We also continue to work closely with our internal team and outside advisors to implement and accelerate long-term security improvements”.
Equifax’s Troubles Not Yet Over
As the world scrutinizes the Equifax security breach, it’s becoming more and more obvious that the credit reporting agency could have avoided a lot of damage if only it had come clean with the security breach. And the behavior of some of its top executives – some reportedly sold the company’s stocks just before the breach was made public – have only made things worse.
To date, a number of lawsuits have been filed against the credit reporting agency for allegedly mishandling people’s data.
Mailing the additionally affected 2.5 million victims helps, yes – but only a little.
Kevin Jones951 Posts
Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others.