When the news broke that credit agency Equifax had experienced a data breach last year, consumers across the country and the world were right to be concerned.
Hackers reportedly stole personal information from about 143 million Americans. This information included things like social security numbers, home addresses, birthdates, drivers license numbers, and even credit card information.
Data breaches have become more common as more information has made its way into hard drives and onto cloud servers. But companies like Equifax may as well have a massive target drawn on them. The fact that they gather such a large amount of sensitive information on users, even for users who have never signed up with them, means their data represents a goldmine for would-be hackers.
The breach led to the resignation of company CEOs, a public outcry against the company as a whole, and even discussions about how law should be adapted to protect potential victims of data theft in the future.
But while it may seem like the commotion from the tense incident has died down with the dawning of a new year, recent reports indicate that more information was leaked in the Equifax breach than originally thought.
Hackers may have also accessed tax identification numbers, which are used when a person doesn’t have a social security number. Additionally, the states and dates on drivers licenses may have also been accessed, as well as email addresses and more credit card data than originally thought.
The shocking revelation comes from a document that was submitted to the Senate Banking Committee. However, Equifax did state they sent notices to those individuals whose credit card data was affected.
While this may seem like another sign that Equifax was lazy in terms of their security and damage-control procedures, it isn’t uncommon for the harm done by data breaches to be discovered in parts. Yahoo experienced a similar issue, after an initial data breach in 2013.
The original incident was said to have compromised the private data of about one-billion accounts. However, an assessment of the data loss by Verizon officials following a joining-up of the companies’ efforts concluded that the number of affected accounts was about three times larger than originally thought.
That number, three billion, represents Yahoo’s entire userbase, meaning everyone who worked with the company could’ve been affected by the incident.
This shows that data breaches and the full effects of hackers are not always understood immediately. Sometimes the data stolen isn’t used for a while, and it can be hard to trace exactly what was taken and discover what was accessed by unauthorized parties.
A refined approach to data security may be needed to prevent issues like this from occurring again. As for Equifax, they did offer free credit-freeze services after some public pressure following last year’s breach.
Though there is no way for a person affected by data theft to ensure their safety, instances like this could force companies to take a closer look at how they manage information digitally.