Equifax on Monday said an investigation into the massive data breach at the credit agency discovered 2.5 million additional potential victims, bringing the total to 145.5 million.
Interim chief executive Paulino do Rego Barros, made the disclosure in a statement, saying: “Our priorities are transparency and improving support for consumers. I will continue to monitor our progress on a daily basis.”
The statement said the cybersecurity firm Mandiant made the new estimate after a forensic review of the incident, which is believed to be one of the worst breaches because of the sensitivity of data leaked.
The review “also has concluded that there is no evidence the attackers accessed databases located outside of the United States,” the Equifax statement said.
Mandiant found that about 8,000 Canadian consumers were affected by the hack, fewer than the initial estimate of 100,000. The company said a review of the impact on British consumers was still being analyzed.
Separately on Monday, former Equifax chief executive officer Richard Smith said in testimony prepared for a congressional hearing that the security team at Equifax failed to patch a vulnerability in March after getting a warning about the flaw.
Smith offered a timeline of the cyberattack which leaked US Social Security numbers and other sensitive data.
Smith said in prepared remarks to a House of Representatives panel that the company on March 9 circulated an internal memo warning about a software flaw identified by the US government’s Computer Emergency Response Team.
He added that Equifax policy would have required a patch to be applied within 48 hours and that this was not done — but he could not explain why.
Equifax’s information security department ran scans that should have identified any systems that were vulnerable, but failed to identify any flaws in the software known as Apache Struts.
“I understand that Equifax’s investigation into these issues is ongoing,” he said in the statement. “The company knows, however, that it was this unpatched vulnerability that allowed hackers to access personal identifying information.”
Smith said he was notified of the breach on July 31, but was not aware “of the scope of this attack.”
He informed the company’s lead director three weeks later, on Aug. 22, and board meetings were held on the matter Aug. 24 and Aug. 25.
Equifax, one of the major agencies gathering data used in credit ratings for banks, has come under fire for waiting until Sept. 7 to publicly disclose the breach, and investigators are looking into stock sales by two senior executives in August.
Smith stepped down last week amid the investigation, while indicating he would remain in a consulting capacity during the investigation, which includes a congressional hearing scheduled for yesterday.
Smith offered a fresh apology for the attack, saying in his statement: “As CEO I was ultimately responsible for what happened on my watch. Equifax was entrusted with Americans’ private data and we let them down.”
The domestic unit of the Chinese-owned, Dutch-headquartered chipmaker Nexperia BV will soon be able to produce semiconductors locally within China, according to two company sources. Nexperia is at the center of a global tug-of-war over critical semiconductor technology, with a Dutch court in February ordering a probe into alleged mismanagement at the company. The geopolitical tussle has disrupted supply chains, with some carmakers reportedly forced to cut production due to chip shortages. Local production would allow Nexperia’s domestic arm, Nexperia Semiconductors (China) Ltd (安世半導體中國), to bypass restrictions in place since October on the supply of silicon wafers — etched with tiny components to
Taiwan’s foreign exchange reserves fell below the US$600 billion mark at the end of last month, with the central bank reporting a total of US$596.89 billion — a decline of US$8.6 billion from February — ending a three-month streak of increases. The central bank attributed the drop to a combination of factors such as outflows by foreign institutional investors, currency fluctuations and its own market interventions. “The large-scale outflows disrupted the balance of supply and demand in the foreign exchange market, prompting the central bank to intervene repeatedly by selling US dollars to stabilize the local currency,” Department of Foreign
Taiwan is open to joining a global liquefied natural gas (LNG) program if one is created, but on the condition that countries provide delivery even in a scenario where there is a conflict with China, an energy department official said yesterday. While Taiwan’s priority is to have enough LNG at home, the nation is open to exploring potential strategic reserves in other countries such as Japan or South Korea, Energy Administration Deputy Director-General Chen Chung-hsien (陳崇憲) said. While the LNG market does not have a global reserve for emergencies like that of oil, the concept has been raised a few times —
AI-FUELED DEMAND: The company has been benefiting from the skyrocketing prices for DRAM chips amid the AI frenzy, especially its core product — DDR4 DRAM chips DRAM chipmaker Nanya Technology Corp (南亞科技) yesterday reported that its revenue for the first quarter surged 582.91 percent to NT$49.09 billion (US$1.54 billion) from NT$7.19 billion a year earlier, as the supply crunch caused chip price spikes. Last quarter’s figure is the highest on record. On a quarterly basis, revenue jumped 63.14 percent from NT$30.09 billion, the company said. In January, Nanya Technology expected global DRAM supply scarcity to continue through the first half of 2028, thanks to strong demand for artificial intelligence (AI) applications. Market researcher TrendForce Corp (集邦科技) forecast prices of standard DRAM chips would rise between 58 percent and 63
RSS