The fallout from Equifax’s 2017 mega breach continues as the company today announced it has discovered 2.4 million additional victims; they were not previously alerted that their personal information was stolen.
That brings the total number of people impacted by this breach to 147.9 million. The credit reporting agency in September 2017 first said the breach affected 143 million people, but a month later upped that estimate to 145.5 million.
As it continued to analyze the stolen data, the company recently identified millions more Americans whose “names and partial driver’s license information were stolen,” Equifax said in its announcement today.
“This information was partial because, in the vast majority of cases, it did not include consumers’ home addresses, or their respective driver’s license states, dates of issuance, or expiration dates,” the company wrote.
In its original disclosure in September, Equifax said the hackers made away with names, Social Security numbers, birth dates, addresses, some driver’s license numbers, along with some credit card numbers and other documents containing personal information.
“Today’s newly identified consumers were not previously informed because their SSNs were not stolen together with their partial driver’s license information,” the company said Thursday.
Equifax plans to notify these newly identified victims and offer them free identify theft protection and credit file monitoring services, so be sure to take the company up on that offer if you receive a notification.
“It’s about sifting through the previously identified stolen data, analyzing other information in our databases that was not taken by the attackers, and making connections that enabled us to identify additional individuals,” he wrote.
Meanwhile, Equifax may wind up getting a just slap on the wrist from the feds over the incident. Reuters last month reported that the new head of the Consumer Financial Protection Bureau, Mick Mulvaney, has scaled back the agency’s investigation into the breach.