Equifax on Monday said an investigation into the massive data breach at the credit agency discovered 2.5 million additional potential victims, bringing the total to 145.5 million.
Interim chief executive Paulino do Rego Barros, made the disclosure in a statement, saying: “Our priorities are transparency and improving support for consumers. I will continue to monitor our progress on a daily basis.”
The statement said the cybersecurity firm Mandiant made the new estimate after a forensic review of the incident, which is believed to be one of the worst breaches because of the sensitivity of data leaked.
The review “also has concluded that there is no evidence the attackers accessed databases located outside of the United States,” the Equifax statement said.
Mandiant found that about 8,000 Canadian consumers were affected by the hack, fewer than the initial estimate of 100,000. The company said a review of the impact on British consumers was still being analyzed.
Separately on Monday, former Equifax chief executive officer Richard Smith said in testimony prepared for a congressional hearing that the security team at Equifax failed to patch a vulnerability in March after getting a warning about the flaw.
Smith offered a timeline of the cyberattack which leaked US Social Security numbers and other sensitive data.
Smith said in prepared remarks to a House of Representatives panel that the company on March 9 circulated an internal memo warning about a software flaw identified by the US government’s Computer Emergency Response Team.
He added that Equifax policy would have required a patch to be applied within 48 hours and that this was not done — but he could not explain why.
Equifax’s information security department ran scans that should have identified any systems that were vulnerable, but failed to identify any flaws in the software known as Apache Struts.
“I understand that Equifax’s investigation into these issues is ongoing,” he said in the statement. “The company knows, however, that it was this unpatched vulnerability that allowed hackers to access personal identifying information.”
Smith said he was notified of the breach on July 31, but was not aware “of the scope of this attack.”
He informed the company’s lead director three weeks later, on Aug. 22, and board meetings were held on the matter Aug. 24 and Aug. 25.
Equifax, one of the major agencies gathering data used in credit ratings for banks, has come under fire for waiting until Sept. 7 to publicly disclose the breach, and investigators are looking into stock sales by two senior executives in August.
Smith stepped down last week amid the investigation, while indicating he would remain in a consulting capacity during the investigation, which includes a congressional hearing scheduled for yesterday.
Smith offered a fresh apology for the attack, saying in his statement: “As CEO I was ultimately responsible for what happened on my watch. Equifax was entrusted with Americans’ private data and we let them down.”
JITTERS: Nexperia has a 20 percent market share for chips powering simpler features such as window controls, and changing supply chains could take years European carmakers are looking into ways to scratch components made with parts from China, spooked by deepening geopolitical spats playing out through chipmaker Nexperia BV and Beijing’s export controls on rare earths. To protect operations from trade ructions, several automakers are pushing major suppliers to find permanent alternatives to Chinese semiconductors, people familiar with the matter said. The industry is considering broader changes to its supply chain to adapt to shifting geopolitics, Europe’s main suppliers lobby CLEPA head Matthias Zink said. “We had some indications already — questions like: ‘How can you supply me without this dependency on China?’” Zink, who also
At least US$50 million for the freedom of an Emirati sheikh: That is the king’s ransom paid two weeks ago to militants linked to al-Qaeda who are pushing to topple the Malian government and impose Islamic law. Alongside a crippling fuel blockade, the Group for the Support of Islam and Muslims (JNIM) has made kidnapping wealthy foreigners for a ransom a pillar of its strategy of “economic jihad.” Its goal: Oust the junta, which has struggled to contain Mali’s decade-long insurgency since taking power following back-to-back coups in 2020 and 2021, by scaring away investors and paralyzing the west African country’s economy.
Taiwan Semiconductor Manufacturing Co (TSMC, 台積電) received about NT$147 billion (US$4.71 billion) in subsidies from the US, Japanese, German and Chinese governments over the past two years for its global expansion. Financial data compiled by the world’s largest contract chipmaker showed the company secured NT$4.77 billion in subsidies from the governments in the third quarter, bringing the total for the first three quarters of the year to about NT$71.9 billion. Along with the NT$75.16 billion in financial aid TSMC received last year, the chipmaker obtained NT$147 billion in subsidies in almost two years, the data showed. The subsidies received by its subsidiaries —
BUST FEARS: While a KMT legislator asked if an AI bubble could affect Taiwan, the DGBAS minister said the sector appears on track to continue growing The local property market has cooled down moderately following a series of credit control measures designed to contain speculation, the central bank said yesterday, while remaining tight-lipped about potential rule relaxations. Lawmakers in a meeting of the legislature’s Finance Committee voiced concerns to central bank officials that the credit control measures have adversely affected the government’s tax income and small and medium-sized property developers, with limited positive effects. Housing prices have been climbing since 2016, even when the central bank imposed its first set of control measures in 2020, Chinese Nationalist Party (KMT) Legislator Lo Ting-wei (羅廷瑋) said. “Since the second half of
RSS