The credit rating agency said it didn’t originally announce “potential” data points, like tax identification numbers, that “may
have been accessed” by hackers.
Hackers stole more data from Equifax in a breach last year than initially thought.
In September, the Atlanta, GA-based credit giant revealed a huge data breach, including names, social security numbers, birth
dates, home addresses, and in some cases driver’s license numbers. It was later confirmed over 145 million were affected,
primarily Americans, but also some Canadians and British citizens.
The hack became the largest single data breach reported in 2017.
But documents seen by members of the Senate Banking Committee suggest the types of data stolen were wider than the company first
reported.
A letter published Friday by committee member Sen. Elizabeth Warren (D-MA) to acting Equifax chief executive Paulino do Rego
Barros summarized the senator’s five-month investigation into the Equifax breach, which said exposure of tax identification
numbers (TINs), email addresses, and additional license information — such as issue dates and by which state — was not
originally disclosed.
The news of the documents was first reported by The Wall Street Journal.
Tax identification numbers are usually issued by the Internal Revenue Service to workers who aren’t eligible for a Social Security
number, like foreign nationals, in order to report income and file tax returns.
Tax identification numbers were likely exposed because they were found in the same portion of the database where other tax
numbers, like Social Security numbers, were stored.
Commenting in several tweets, Warren said: “In October, when I asked the CEO about the precise extent of the breach, he couldn’t
give me a straight answer. So for five months, I investigated it myself.”
“My investigation revealed the depth of the breach and cover-up at Equifax,” she added. “And since I published the report, Equifax
has confirmed it is even worse than they told us.”
When reached, an Equifax spokesperson called the Journal’s headline “extremely misleading,” but confirmed that some additional
data points were impacted by the breach.
“We are fully aware — and have been — of the data that was stolen,” said spokesperson Meredith Griffanti in an email to ZDNet.
The company said it has always been up front about the data “primarily included” in the breach, but recently gave the Senate
Banking Committee data points “that may have been accessed that we categorized and analyzed in the forensic investigation.”
“Some of these were impacted — and some, like passports or [card verification numbers] for example, were not,” said Griffanti.
“We sent direct mail notices to those consumers whose credit card numbers or dispute documents with [personal data] were
impacted,” the spokesperson confirmed.
From:http://www.zdnet.com/article/hackers-stole-more-equifax-data-than-first-thought/
About OsMonitor:
The mission of OsMonitor is to create a Windows computer system tailored for work purposes, effectively regulating employee computer behavior. It enables employers to understand what employees are doing each day, monitoring every action, including screen activity and internet usage. Additionally, it restricts employees from engaging in specific activities such as online shopping, gaming, and the use of USB drives.
OsMonitor, designed purely as software, is remarkably user-friendly and requires no additional hardware modifications. A single management machine can oversee all employee computers. As a leading brand in employee computer monitoring software with over a decade of successful operation, OsMonitor has rapidly captured the global market with its minimal file size and excellent cost-effectiveness compared to similar software. At this moment, thousands of business computers worldwide are running OsMonitor daily.
