Lieff Cabraser Civil Justice Blog
Equifax Consumer Hack Significantly Worse Than Equifax Admitted

Equifax Consumer Hack Significantly Worse Than Equifax Admitted

In documents provided to the Banking Committee of the U.S. Senate, Equifax has now admitted that the breach of its data systems originally reported in September of 2017 that affected over 145 million Americans was significantly worse than it has previously reported. A forensic investigation into Equifax records disclosed that beyond the compromise of names, birth dates, credit card numbers, driver’s license numbers, and Social Security numbers, criminals also gained access to tax identification numbers, phone numbers, and email addresses. These newly reported breaches also included fine details about the information, including card expiration dates and issuing states of driver’s licenses.

As many consumers and consumer advocates have feared all along, in addition to delaying in even reporting the breach, Equifax has apparently worked to underreport the breadth and depth of the exposure of at least half the consumers in the United States. As CNBC notes, “Equifax waited months to disclose the hack. After it did, anxious consumers experienced jammed phone lines and uninformed company representatives. An Equifax website set up to help people determine their exposure was described as sketchy by security experts and provided inconsistent and unhelpful information to many. The company blamed the online customer help page’s problems on a vendor’s software code after it appeared that it had been hacked as well.”

The U.S. Senate’s recent report on the massive Equifax breach described it as “one of the largest and most significant data security lapses in history.”

Read the full article on CNBC.com.