Cyber Security

Equifax Provides Statement to SEC Regarding Data Breach

Cyber Security Investing
Security Investing

In a letter to the US Securities and Exchange Commission, Equifax confirmed September 2017’s data breach included driver’s licenses, passports, phone numbers and email addresses.

Equifax (NYSE:EFX) has officially revealed the extent of the cybersecurity incident that occurred in September 2017, stating that 146.6 million people have lost data containing their name and date of birth to the hackers.

According to its filing to the Securities and Exchange Commission (SEC) on Monday (May 7), 145.5 million people lost their SSN data to the hackers while 99 million people were impacted with the data containing their address.

The company further said that 27.3 million people lost their gender identity while 20.3 million had their driver’s license number stolen. What’s more, email addresses of 1.8 million people were compromised while payment card number and expiration date of 209,000 people were also stolen.

Also mentioned were the TaxID data and Driver’s license state data with 97,500 people and 27,000 people losing their information respectively.

The filing was submitted to SEC after the company faced heavy pressure from Congress.

“Through the company’s analysis, Equifax believes it has satisfied applicable requirements to notify consumers and regulators. It does not anticipate identifying further impacted consumers, as it has now completed analysis of government issued identification numbers stolen together with names,” the letter to the SEC read.

In March, Equifax said that 2.4 million more people were affected by the hack, but that these people were not previously identified with regards to the data being stolen.

“This is not about newly discovered stolen data,” Paulino do Rego Barros, Jr., interim CEO of Equifax said in March. “It’s about sifting through the previously identified stolen data, analyzing other information in our databases that was not taken by the attackers, and making connections that enabled us to identify additional individuals.”

Of note in Equifax’s letter letter to the SEC is that number of the people who affected by the hack in the US alone. The filing does say, however,‘limited personal information for certain United Kingdom and Canadian residents were stolen, no numbers were given on these individuals.

“We continue to take broad measures to identify, inform, and protect consumers who may have been affected by this cyberattack,” Barros said in March. “We are committed to regaining the trust of consumers, improving transparency, and enhancing security across our network.”

The company also revealed additional information as requested by the government with the company reporting the number of individuals who uploaded government issued identifications to a dispute portal.

“38,000 driver’s licenses, 12,000 social security or taxpayer ID cards, 3,200 passports or passport cards and 3,000 other government-issued identification documents such as military IDs, state-issued IDs and resident alien cards. The government identification documents described above do not identify additional consumers affected,” said the statement from the filing.

Following the Monday’s letter, Equifax closed Tuesday’s trading at at $111.26 with the stock down 1.54 percent over a one-day period.

Don’t forget to follow us @INN_Technology for real-time news updates!

Securities Disclosure: I, Bala Yogesh, hold no direct investment interest in any company mentioned in this article.

The Conversation (0)


S&P 5004050.830.00


Heating Oil2.58+0.02
Natural Gas2.12+0.02