Slashdot Mirror

← Back to Stories (view on slashdot.org)

Equifax's Data Breach By the Numbers: 146 Million Social Security Numbers, 99 Million Addresses, and More (theregister.co.uk)

Posted by BeauHD on from the take-a-deep-breath dept.

Several months after the data breach was first reported, Equifax has published the details on the personal records and sensitive information stolen in the cybersecurity incident. The good news: the number of individuals affected by the network intrusion hasn't increased from the 146.6 million Equifax previously announced, but extra types of records accessed by the hackers have turned up in Mandiant's ongoing audit of the security breach," reports The Register. From the report: Late last week, the company gave the numbers in letters to the various U.S. congressional committees investigating the network infiltration, and on Monday, it submitted a letter to the SEC, corporate America's financial watchdog. As well as the -- take a breath -- 146.6 million names, 146.6 million dates of birth, 145.5 million social security numbers, 99 million address information and 209,000 payment cards (number and expiry date) exposed, the company said there were also 38,000 American drivers' licenses and 3,200 passport details lifted, too.

The further details emerged after Mandiant's investigators helped "standardize certain data elements for further analysis to determine the consumers whose personally identifiable information was stolen." The extra data elements, the company said, didn't involve any individuals not already known to be part of the super-hack, so no additional consumer notifications are required.

3 of 69 comments (clear)

  1. US numbers are nice and all, but... by Anonymous Coward · · Score: 2, Interesting

    How many people from other countries got screwed by Equifax and to what degree? The stories reporting affected people seem to continually ignore the fact that there's more to the planet than the US and companies like Equifax have no qualms about screwing non-USians, too.

    1. Re:US numbers are nice and all, but... by Anonymous Coward · · Score: 2, Interesting

      In many other countries, you cannot take someone's money from the bank or take out a loan simply by having a semi-public information like DOB or some ID number or an address.

      That would be called fraud, and the bank would be liable for such lost since the bank is the victim.

      Only in American would allow the bank to pass the loss (due to their own fault) to their customer, and call that "identity theft".

  2. charge them for the privilege by supernova87a · · Score: 3, Interesting

    I keep saying, the following penalty scheme imposed on companies will clean up data breaches right quick:

    $1 per name, email, physical address
    $2 per phone number
    $3 per credit card number
    $4 per SSN

    And multiply for combinations thereof. You'll see how fast companies move to secure their data.