Equifax Breach Adds 2.5 Million More Americans to Total

By Paul Ausick Updated Jan 12, 7:35AM EST · Published Oct 3, 7:50AM EDT

Follow 24/7 Wall St. on Google

This post may contain links from our sponsors and affiliates, and Flywheel Publishing may receive compensation for actions taken through them.

Equifax Breach Adds 2.5 Million More Americans to Total — © Thinkstock

In a press announcement released Monday night, Equifax Inc. (NYSE: EFX) said that further investigation of the data breach first reported on September 7 has added another 2.5 million Americans to the number of consumers whose personally identifiable records were stolen from the company. A new total of 145.5 million Americans “were potentially impacted” according to Equifax.

Mandiant, a subsidiary of cybersecurity firm FireEye Inc. (NASDAQ: FEYE), concluded its forensic analysis on Sunday and Equifax interim CEO Paulino do Rego Barros, Jr., ordered that the results “be promptly released.”

The announcement included a modification of Equifax’s earlier statement that up to 100,000 Canadian consumers had been affected by the breach. The company said that the final review revealed that about 8,000 Canadians may have had their personal information stolen.

[nativounit]

Barros said:

I want to apologize again to all impacted consumers. As this important phase of our work is now completed, we continue to take numerous steps to review and enhance our cybersecurity practices. We also continue to work closely with our internal team and outside advisors to implement and accelerate long-term security improvements.

The company also said it will mail written notices to all potentially affected U.S. consumers who the company has been able to identify since the September 7 announcement. Equifax will also update its online website to include the additional consumers’ names by October 8.

In testimony scheduled to be presented to a U.S. House committee later Tuesday, former Equifax CEO Richard A. Smith outlined his version of Equifax’s actions since the company was first notified on March 8 of a need to patch a software program the company used on its consumer dispute website.

In his testimony, Smith says that Equifax discovered in late July that the first data breach occurred on May 13 and that between that date and July 30, “there is evidence to suggest that the attacker(s) continued to access sensitive information …. During that time, Equifax’s security tools did not detect this illegal access.”

The breach, Smith says, “occurred because of both human error and technology failures.”

[recirclink id=415408]

[wallst_email_signup]

About the Author Paul Ausick →

Paul Ausick has been writing for a673b.bigscoots-temp.com for more than a decade. He has written extensively on investing in the energy, defense, and technology sectors. In a previous life, he wrote technical documentation and managed a marketing communications group in Silicon Valley.

He has a bachelor's degree in English from the University of Chicago and now lives in Montana, where he fishes for trout in the summer and stays inside during the winter.