Equifax announced on Thursday that an additional 2.4 million Americans were victims of last year’s massive data breach that has impacted at least 147.9 million Americans in total so far. In a scathing statement, Sen. Elizabeth Warren asserted that Equifax could not be trusted while urging Congress to pass legislation imposing massive, mandatory penalties for security breaches from credit reporting agencies.
On Thursday, Equifax issued the following statement: “Equifax was able to identify approximately 2.4 million U.S. consumers whose names and partial driver’s license information were stolen, but who were not in the previously identified affected population discussed in the company’s prior disclosures about the incident. This information was partial because, in the vast majority of cases, it did not include consumers’ home addresses, or their respective driver’s license states, dates of issuance, or expiration dates.”
“We continue to take broad measures to identify, inform, and protect consumers who may have been affected by this cyberattack,” said Paulino do Rego Barros Jr., Interim Chief Executive Officer. “We are committed to regaining the trust of consumers, improving transparency, and enhancing security across our network.”
Last year, Equifax announced that a massive breach allowed hackers to illegally access the personal information of more than 140 million Americans, including Social Security numbers, birth dates, credit card numbers, and driver’s license numbers. Although Equifax first discovered the unauthorized access on July 29, the company did not make any public announcement until 40 days later, on September 7, 2017.
By failing to immediately inform the public of the unauthorized access, Equifax left many consumers exposed to numerous threats of credit card fraud, identity theft, tax fraud, and other crimes. When the company finally informed the public 40 days after the breach, Equifax reportedly attempted to deceive customers into waiving their legal rights.
“I spent 5 months investigating the Equifax breach and found the company failed to disclose the full extent of the hack. Today, Equifax acknowledged that 2.4 million more people were affected than initially reported and that driver’s license information was also stolen. Equifax can’t be trusted. Their mistakes allowed the breach to happen, their response has been a failure, and they still can’t level with the public,” Sen. Warren said in a recent statement. “Enough is enough. We have to start holding the credit reporting industry accountable. I have a bill with Senator Warner that would impose massive, mandatory penalties when companies like Equifax expose millions of Americans’ personal information. If we want to prevent another Equifax breach, the Senate should pass it.”
In January, Sens. Elizabeth Warren and Mark Warner introduced legislation to impose massive, mandatory penalties for security breaches from credit reporting agencies. According to Warren, Equifax would have paid at least $1.5 billion in penalties under this legislation.
COMMENTS