Equifax published Monday that cybersecurity firm Mandiant developed the forensic portion of its investigation of the hack.
The firm said in the statement that 145.5 million consumers might now probably have been impacted by the data breach, 2.5 million more than previously estimated.
In September, Equifax proclaimed a massive data breach, saying hackers may have obtained the personal details, including names and Social Security numbers, of more than 143 million consumers from mid-May to July. Equifax, which said it read of the breach in late July, said credit-card numbers for about 209,000 people and certain records for another 182,000 were also accessed.
The exposure was swiftly met with critique because of the delay in informing the public to the hack, as well as problems with the website that Equifax set up for people to check whether their credit card details were at risk.
The hack is being reviewed by the Federal Trade Commission and has implied promises for inquiries in both the Senate and House of Representatives.
Several Equifax officials have left the business since the hack’s disclosure. Richard Smith stepped down as chairman of the board and CEO last Tuesday. And before that, the organization announced that the consumer-data firm’s CIO, David Webb, and its chief security officer, Susan Mauldin, were also withdrawing. Webb will be replaced by Mark Rohrwasser, who joined the company last year, Equifax said in an emailed statement. Mauldin will be compensated by Russ Ayres. Both Rohrwasser and Ayers have earlier worked in Equifax’s IT division.
Equifax officials are also reportedly being reviewed by the US Justice Department after selling the stock before the company revealed a data breach that revealed the personal information of millions of Americans.
According to News, the department is looking at sales by Equifax’s CFO, John Gamble; president of US information solutions, Joseph Loughran; and president of workforce solutions, Rodolfo Ploder. The three senior officials dumped almost $2 million worth of stock days after the business learned of the breach, Securities and Exchange Commission filings show. An emailed announcement from the credit-monitoring agency said the executives “had no knowledge” of the breach beforehand.
Take your time to comment on this article.