Slashdot Mirror


Equifax's Data Breach By the Numbers: 146 Million Social Security Numbers, 99 Million Addresses, and More (theregister.co.uk)

Several months after the data breach was first reported, Equifax has published the details on the personal records and sensitive information stolen in the cybersecurity incident. "The good news: the number of individuals affected by the network intrusion hasn't increased from the 146.6 million Equifax previously announced, but extra types of records accessed by the hackers have turned up in Mandiant's ongoing audit of the security breach," reports The Register. From the report: Late last week, the company gave the numbers in letters to the various U.S. congressional committees investigating the network infiltration, and on Monday, it submitted a letter to the SEC, corporate America's financial watchdog. As well as the -- take a breath -- 146.6 million names, 146.6 million dates of birth, 145.5 million social security numbers, 99 million address information and 209,000 payment cards (number and expiry date) exposed, the company said there were also 38,000 American drivers' licenses and 3,200 passport details lifted, too.

The further details emerged after Mandiant's investigators helped "standardize certain data elements for further analysis to determine the consumers whose personally identifiable information was stolen." The extra data elements, the company said, didn't involve any individuals not already known to be part of the super-hack, so no additional consumer notifications are required.

11 of 69 comments

  1. US numbers are nice and all, but... by Anonymous Coward · · Score: 2, Interesting

    How many people from other countries got screwed by Equifax and to what degree? The stories reporting affected people seem to continually ignore the fact that there's more to the planet than the US and companies like Equifax have no qualms about screwing non-USians, too.

    1. Re:US numbers are nice and all, but... by Anonymous Coward · · Score: 2, Interesting

      In many other countries, you cannot take someone's money from the bank or take out a loan simply by having semi-public information like a DOB or some ID number or an address.

      That would be called fraud, and the bank would be liable for such loss since the bank is the victim.

      Only America would allow the bank to pass the loss (due to their own fault) to their customer, and call that "identity theft".

  2. Deterrent by Anonymous Coward · · Score: 5, Insightful

    It's a good thing all those executives went to prison so corporations will start taking security seriously.

    Oh wait.

    1. Re:Deterrent by ShanghaiBill · · Score: 4, Insightful

      It's a good thing all those executives went to prison so corporations will start taking security seriously.

      Sending people to prison for incompetence is silly. America already has far more people in prison than China, Russia or Iran, and four times the incarceration rate of the developed country average.

      Non-violent offenders do not belong in prison. For instance, Equifax executives could wear tracking anklets and spend 60 hours a week changing bedpans in nursing homes for the next 10 years. The cost to the taxpayers would be negligible, they would be doing useful work, and they may be back below their level of incompetence.

    2. Re:Deterrent by Anonymous Coward · · Score: 2, Funny

      Yeah it'd be much better to do like China, Russia or Iran and just shoot them...

    3. Re:Deterrent by sjames · · Score: 2

      Prison may not be the right choice, community service probably fits better.

      As to why, THEY decided to spend more on marketing and less on security. They knew they had a problem and THEY decided to keep it covered up as long as possible (and so increased the damage). They choose to continue pretending that adverse credit reports are accurate even knowing that their own sloppy security introduced a great deal of doubt into that.

      And finally, THEY have done their damnedest ever since to make sure anyone and everyone but them bears the burden of cleaning up their mess.

      Incompetently leaking all that data was just the first in a chain of wrongs. Their actions afterward were fully under their control and the result of conscious decisions.

      Perhaps a few years of picking up trash on the weekend would re-adjust their attitude.

  3. I don't recall ever giving my permission by Typingsux · · Score: 2

    For Equifax to be in charge of my personal information.

    Can anyone elaborate as to why they were put in charge, and what recourse do I have to punish this company for mishandling my information?

    --
    The above post is an editorial, the poster cannot and will not be held responsible for all or in part for its contents

  4. charge them for the privilege by supernova87a · · Score: 3, Interesting

    I keep saying, the following penalty scheme imposed on companies will clean up data breaches right quick:

    $1 per name, email, physical address
    $2 per phone number
    $3 per credit card number
    $4 per SSN

    And multiply for combinations thereof. You'll see how fast companies move to secure their data.

  5. Re:Just post every SSN by ShanghaiBill · · Score: 4, Funny

    Why do financial institutions seem to insist that Social Security numbers are a secret code? The government should just publish ALL of the SSNs

    That is the way it works in many countries: Your citizenship number is public information.

    Many have a separate changeable PIN for authentication.

    The American system of making the same number both semi-public and secret is unique.

    If 10% of the population went on record and disclosed their SSNs publicly it would shut down the SSN as a 'secret code.'

    Equifax has already done this as a public service. Good for them.

  6. Data used in mass Walmart.com CC applications by freak0fnature · · Score: 2

    While you won't find this info out there as it's been pretty hushed, walmart.com took down their CC application site for over a week after a load of stolen IDs were used to apply for CCs there. There is some indication that the data came from this breach.

  7. The worst part by sjames · · Score: 2

    Their primary business is making sure adverse credit information follows people around, while making the assumption that the adverse reports are actually about the named person. Even while they know damned well that their own negligence has enabled ID fraud on a massive scale.