Turns out, the Equifax data breach was even worse than we thought

Written by |

Last fall, the Equifax data breach sent a shock to the financial system when it was announced that criminals hacked into a web portal app on the company’s site and stole massive amounts of consumer information.

After that first bombshell in early September, news trickled out in the days that followed, including the revelation that as many as 145.5 million people were exposed to identity theft in the massive breach. It was revealed that part of the trove of personal data seized by the bad guys included Social Security numbers, credit and debit card numbers and names and addresses.

The Equifax data breach was worse than we thought — here’s why 

But in recent days, new information has surfaced regarding the scope of the breach. In a document the credit-reporting agency handed over to Senate Banking Committee members, including consumer advocate and Sen. Elizabeth Warren of Massachusetts, the Atlanta-based company reportedly disclosed that tax identification numbers, email addresses and phone numbers were also part of the haul.

The new details, first reported by the Wall Street Journal, also indicate that criminals made off with the issuing states for some driver’s licenses and credit card expiration dates. Curiously, Equifax still has not directly disclosed that information to consumers.

RELATED: A look back our biggest story of 2017: Equifax data breach

Equifax spokeswoman Meredith Griffanti told CNBC.com that even though the company significantly pared down the amount of stolen information it revealed to the public, it wasn’t trying to deceive anyone.

“When you are making that kind of announcement, where do you draw the line?” she said “If you saw the list we provided the banking finance committee, it was pretty exhaustive. We wanted to show them that no stone was left unturned.”

Even before these latest revelations, money expert Clark Howard has recommended that consumers not use Equifax’s creditmonitoring service. Instead, he has consistently touted Credit Karma as a free and safe alternative for keeping tabs on your most valuable information.

The Clark-approved way to protect your credit

Clark recommends a two-pronged approach to protecting yourself (and, in fact, advised consumers to do this even before the massive Equifax hack). Here’s what to do:

  1. Sign up for a CreditKarma.com account to get free credit monitoring and be notified when anyone tries to access your personal info. Here’s a step-by-step rundown of how to do it.
  2. Freeze your credit at the three major credit-reporting bureaus. Here’s an in-depth guide on how to contact Equifax, TransUnion and Experian to freeze your accounts.

Aside from congressional committees, numerous governments on the local level are looking into Equifax, as well. See what states are trying to do to protect you and how to contact your own representatives.