An additional 2.4 million Americans were impacted by the Equifax data breach, the company announced Thursday, citing the results of a continued internal investigation.
In a written statement on its website, Equifax said: “As a result of ongoing analysis of data stolen in last year’s cybersecurity incident … the company has confirmed the identities of consumers whose partial driver’s license information was taken.”
The company said that it was able to identify the victims by, among other means, “referencing” data in its records that the hackers did not steal. The new batch of exposed consumers “were not in the previously identified affected population,” the company said.
Equifax says 2.4 million more Americans exposed in data breach
The new revelations cast doubt on whether the public will ever known the true extent of the massive breach, which was disclosed by the Atlanta-based company on September 7, 2017. Massachussetts Senator Elizabeth Warren, who recently released a report on Equifax called “Bad Credit,” echoed those sentiments in a recent interview, saying that the company was actually still profiting off the hack.
“The problem is there’s no real penalty for them,” Warren told Marketplace.org. “You know, it’s not like consumers can say, ‘Well, that’s it. I’m never going to do business with Equifax again.’ That’s not how it works with credit-reporting agencies. In fact, Equifax may actually make money off this breach because it sells all these credit-protection devices, and even consumers who say, ‘Hey, I’m never doing business with Equifax again,’ well, good for you, but you go buy credit protection from someone else, they very well may be using Equifax to do the back office part. So Equifax is still making money off their own breach.”
Just last month, we reported that the hack was much worse than we thought based on new information that in addition to Social Security numbers, the criminals made off with the names of the issuing states for some driver’s licenses, credit card expiration dates as well as tax identification numbers, email addresses and phone numbers.
The latest disclosure means that as many as 148 million consumers have been exposed to identity fraud in the cybersecurity incident. And if you don’t think an additional 2.4 million people make a difference, that’s the size of the populations of New Hampshire and Rhode Island combined.
The news comes one week after money expert Clark Howard testified in front of the Georgia State Senate Banking Committee regarding a bill to make credit freezes free. Following his testimony, the committee voted unanimously to pass the measure.
Equifax, one of the three major credit-reporting bureaus in the United States, said that it will notify the identified consumers by mail and offer “identity theft protection and credit file monitoring services at no cost to them.”
Because of the severity of the hack, Clark is advising that you steer clear of Equifax’s apparatus and look elsewhere to protect yourself.
2 surefire ways to protect your credit
Clark recommends two steps to safeguarding yourself and your information from crooks. Here’s what to do:
- Sign up for Credit Sesame or CreditKarma.com account to get free credit monitoring and be notified when anyone tries to access your personal info. Here’s a step-by-step rundown of how to do it.
- Freeze your credit with the three major credit-reporting agencies. Here’s an in-depth guide on how to contact Equifax, TransUnion and Experian to freeze your accounts.
Aside from congressional committees, numerous governments on the local level are continuing to scrutinize Equifax in light of the breach. See what states are trying to do to protect you and how to contact your own representatives.