In an update from the Equifax data breach in 2017, the company reported to the Securities and Exchange Commission that while no new breaches occurred and no new customers were affected, a total of 2.4 million personally identifiable information (PII) were collected from the 2017 attack. The image storage server where customers upload scans of documents for their online dispute portal was also hacked, which included passports and other government-issued IDs.
Equifax submitted the report at the request of the congressional committees investigating the cybersecurity incident to determine the depth and extent of the breach. The initial report in September 2017 estimated that the breach exposed records of 145.5 million US citizens and 15.2 million in the UK. After organizing and classifying their internal databases, analysis yielded that the PII collected by the hackers include dates of birth, social security numbers (SSN), addresses, phone numbers, email addresses, driver’s license numbers, tax identification numbers, and credit card data, among others. The report filed late last week yielded more specific details:
|Data Element Stolen||Approx. Number of Affected US Consumers|
|Date of Birth||146.6 million|
|Address Information||99 million|
|Phone Number||20.3 million|
|Driver's License Number||17.6 million|
|Email (w/o credentials)||1.8 million|
|Payment Card No. and Expiration Date||209,000|
|Driver's License State||27,000|
The report states that no additional breaches and no additional customers were affected since the September 2017 announcement. However, aside from the database information accessed by the cybercriminals, the online dispute portal was also breached, exposing images uploaded by approximately 182,000 US consumers. From the company review details the approximate number of government-issued IDs uploaded:
|Government-Issued ID||Approx. Number of Images Affected|
|SS or Tax ID Card||12,000|
|Passport or Passport Card||3,200|
|Others (Military IDs, Resident Alien Cards, Stte-Issued IDs)||3,000|
While individual customers were initially notified after the public announcement late last year, Equifax wrote that the affected consumers will receive notifications by US Postal mail, identifying the PII included in the breach, except for those whose gender, phone numbers and email addresses were collected as US notification laws do not require it. The company also announced on their website that they will be offering identity theft protection and credit file monitoring to affected customers at no cost. Customers can also access the website for the “Am I Impacted” tool to find out if their information is among the list of affected records.
[Related: Lessons from the Equifax Breach]
The data breach was traced back to a security program vulnerability that Equifax failed to patch. It has since become an example for businesses to improve their data handling, management, and protection policies. Here are some guidelines enterprises can follow to prevent a similar incident:
- Regularly patch firmware updates to protect servers from vulnerabilities.
- Organize and classify data, so that only the people trained and authorized to handle sensitive information have access to relevant details.
- Have alternative systems of authentication inside the company and for customers. PII are often used by businesses to verify individuals’ identities, and SSNs have been especially abused over time. Other verification methods should be explored to create variation and make it systems more difficult to breach.
Trend Micro XGen™ endpoint security can provide comprehensive protection on all fronts as it infuses high-fidelity machine learning with detection technologies and threat intelligence against advanced and sophisticated malware. Trend Micro™ Security, Smart Protection Suites and Worry-Free™ Business Security are solutions inside XGen™, and works 24/7 to protect companies from malicious files commonly used by cybercriminals for infiltration during data breaches.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
- Ransomware Spotlight: Trigona
- Steering Clear of Security Blind Spots: What SOCs Need to Know
- Understanding the Kubernetes Security Triad: Image Scanning, Admission Controllers, and Runtime Security
- Preempting Threats to Connected Cars: The Importance of Cybersecurity in a Data-Driven Automotive Ecosystem
- Your Stolen Data for Sale