Image of a Cybersecurity Graphic
Cybersecurity Graphic; image courtesy of typographyimages via Pixabay,

Just when we thought news about the Equifax hack couldn’t get worse, the company announced yesterday that “an additional 2.4 million Americans were impacted by last year’s data breach.” Unlike the millions of other Americans impacted by the hack, however, these new 2.4 million consumers “had significantly less personal information stolen,” according to the announcement. For example, Equifax claims the “additional consumers only had their names and a partial driver’s license number stolen by the attackers, unlike the original 145.5 million Americans who had their Social Security numbers impacted.”

This recent announcement about the “largest data breach of personal information in history” now brings the tally of affected Americans up to nearly 147.9 million. But how were the 2.4 million consumers discovered? Well, according to Equifax, they were found by “cross-referencing names with partial driver’s license numbers using both internal and external data sources.” They weren’t discovered before now because the initial investigations focused primarily “on those with Social Security numbers impacted” due to an increased risk of identity theft.

Image of a Internet Security Warning Graphic
Internet Security Warning Graphic; image courtesy of typographyimages via Pixabay,

For now, the company plans to contact all the newly impacted consumers “and will provide the same credit monitoring and identity theft protection services they have been offering to the original victims.

Unfamiliar with the Equifax hack? For starters, it’s now known as one of the worst in data breach history, and occurred between “mid-May and July,” though wasn’t discovered by Equifax officials until July 29. Bluntly put, it was a devastating data breach that compromised the personal information of millions of people across the U.S., Canada, and the UK. According to reports from Equifax, “cyber criminals accessed sensitive information such as names, social security numbers, birth dates, addresses, and the numbers of some driver’s licenses.” To make matters worse, the attack compromised “credit card numbers for about 209,000 U.S. customers…as was personal identifying information on roughly 182,000 U.S. customers involved in credit report disputes.”

Wondering how Equifax even had so many people’s personal data? Well as “one of three nationwide credit-reporting companies that track and rates the financial history of U.S. Consumers,” Equifax gets its consumer data from a number of different sources, including “credit card companies, banks, retailers, and lenders who report on the credit activity of individuals to credit reporting agencies,” and it even purchases public records. This means consumers might not always be aware that they’re even an Equifax customer. It uses the information it gathers to analyze consumer data “about loans, loan payments and credit cards, as well as information on everything from child support payments, credit limits, missed rent and utility payments, addresses and employer history” to calculate credit scores, among other things.


Join the Discussion