Equifax on Monday said an investigation into the massive data breach at the credit agency discovered 2.5 million additional potential victims, bringing the total to 145.5 million.
Interim chief executive Paulino do Rego Barros, made the disclosure in a statement, saying: “Our priorities are transparency and improving support for consumers. I will continue to monitor our progress on a daily basis.”
The statement said the cybersecurity firm Mandiant made the new estimate after a forensic review of the incident, which is believed to be one of the worst breaches because of the sensitivity of data leaked.
The review “also has concluded that there is no evidence the attackers accessed databases located outside of the United States,” the Equifax statement said.
Mandiant found that about 8,000 Canadian consumers were affected by the hack, fewer than the initial estimate of 100,000. The company said a review of the impact on British consumers was still being analyzed.
Separately on Monday, former Equifax chief executive officer Richard Smith said in testimony prepared for a congressional hearing that the security team at Equifax failed to patch a vulnerability in March after getting a warning about the flaw.
Smith offered a timeline of the cyberattack which leaked US Social Security numbers and other sensitive data.
Smith said in prepared remarks to a House of Representatives panel that the company on March 9 circulated an internal memo warning about a software flaw identified by the US government’s Computer Emergency Response Team.
He added that Equifax policy would have required a patch to be applied within 48 hours and that this was not done — but he could not explain why.
Equifax’s information security department ran scans that should have identified any systems that were vulnerable, but failed to identify any flaws in the software known as Apache Struts.
“I understand that Equifax’s investigation into these issues is ongoing,” he said in the statement. “The company knows, however, that it was this unpatched vulnerability that allowed hackers to access personal identifying information.”
Smith said he was notified of the breach on July 31, but was not aware “of the scope of this attack.”
He informed the company’s lead director three weeks later, on Aug. 22, and board meetings were held on the matter Aug. 24 and Aug. 25.
Equifax, one of the major agencies gathering data used in credit ratings for banks, has come under fire for waiting until Sept. 7 to publicly disclose the breach, and investigators are looking into stock sales by two senior executives in August.
Smith stepped down last week amid the investigation, while indicating he would remain in a consulting capacity during the investigation, which includes a congressional hearing scheduled for yesterday.
Smith offered a fresh apology for the attack, saying in his statement: “As CEO I was ultimately responsible for what happened on my watch. Equifax was entrusted with Americans’ private data and we let them down.”
DAMAGE REPORT: Global central banks are assessing war-driven inflation risks as the law of unintended consequences careens around the world, spiking oil prices Central banks from Washington to London and from Jakarta to Taipei are about to make their first assessments of economic damage after more than two weeks of conflict between the US and Iran. Decisions this week encompassing every member of the G7 and eight of the world’s 10 most-traded currency jurisdictions are likely to confirm to investors that the specter of a new inflation shock is already worrying enough to prompt heightened caution. The US Federal Reserve is widely expected to do exactly what everyone anticipated weeks ahead of its March 17-18 policy gathering: hold rates steady. The narrative surrounding that
Taiwan Semiconductor Manufacturing Co’s (TSMC, 台積電) share of the global foundry market rose to almost 70 percent last year amid booming demand for artificial intelligence (AI), market information advisory firm TrendForce Corp (集邦科技) said on Thursday. The contract chipmaker posted US$122.54 billion in revenue, up 36.1 percent from a year earlier, accounting for 69.9 percent of the global market, TrendForce said. Its share was up from 64.4 percent in 2024, it said. TSMC’s closest rival, Samsung Electronics, was a distant second, posting US$12.63 billion in sales, down 3.9 percent from a year earlier, for a 7.2 percent share of the global market. In the
HEADWINDS: The company said it expects its computer business, as well as consumer electronics and communications segments to see revenue declines due to seasonality Pegatron Corp (和碩) yesterday said it aims to grow its artificial intelligence (AI) server revenue more than 10-fold this year from last year, driven by orders from neocloud solutions clients and large cloud service providers. The electronics manufacturing service provider said AI server revenue growth would be driven primarily by the Nvidia Corp GB300 server platform. Server shipments are expected to increase each quarter this year, with the second half likely to outperform the first half, it said. The AI server market is expected to broaden this year as more inference applications emerge, which would drive demand for system-on-chip, application-specific integrated circuits
At a massive shipyard in North Vancouver, Canadian workers grind metal beams for a powerful new icebreaker crucial to cementing the country’s presence in the increasingly contested arctic. Icebreakers are specialized, expensive vessels able to navigate in the frozen far north. And “this is the crown jewel,” said Eddie Schehr, vice president of production at the Seaspan shipyard. For Canadian Prime Minister Mark Carney, who heads to Norway next Friday to observe arctic defense drills involving troops from 14 NATO states, Canada’s extreme north has emerged as a strategic priority. “Canada is and forever will be an Arctic nation,” he said ahead of
RSS