Equifax logoImage copyright

Image caption

Senator Warren has claimed that Equifax 20;botched21; its earlier response to the breach

Equifax is facing a fresh demand to disclose the full extent of last year’s breach, following a report that it was bigger than previously disclosed.

The Wall Street Journal (WSJ) reported on Friday that cyber-thieves had accessed US citizens’ email addresses, tax ID numbers and more driver licence information than acknowledged earlier.

US Senator Elizabeth Warren is now demanding details of any other data the firm believes may have been stolen.

She wants a reply by the week’s end.

“As your company continues to issue incomplete, confusing, and contradictory statements and hide information from Congress and the public, it is clear that five months after the breach was publicly announced, Equifax has yet to answer this simple question in full: what was the precise extent of the breach?” the Democratic senator from Massachusetts wrote in a letter to the credit rating agency.

The WSJ said it was unclear how many of the 15.5 Americans that the firm had previously said were affected by the breach, had had the additional information about them exposed.

The Atlanta, Georgia-based company, one of the biggest companies of its kind, had previously confirmed that social security numbers, birth dates and addresses had been compromised.

“We have complied with applicable notification requirements in the disclosure process,” the firm told the WSJ.

It added that it believed that the additional driver licence data exposed – which is reported to have involved issue dates and the states that granted them – was “extremely minimal”.


The data breach – which is thought to have occurred between mid-May and July – also affected customers in the UK.

Last month, Equifax revealed that it was writing to a further 17,431 consumers in the country on top of the 93,65 it had already promised to notify.

A spokeswoman for Equifax was unable to comment on whether the disclosure from the US might indicate that additional information about UK citizens could also have been stolen.

The UK’s Financial Conduct Authority is currently investigating Equifax over the cyber-attack, but said it had nothing to add to a letter outlining the probe that it issued in October.

Source link
thanks you RSS link
( http://www.bbc.co.uk/news/technology-43033202)


Please enter your comment!
Please enter your name here