Forensic work at Equifax has uncovered more specific victims of the company's 2017 mega breach.
As a result, it says it will notify another 2.4 million Americans who had their information compromised:
"This is not about newly discovered stolen data," said Paulino do Rego Barros, Jr., Interim Chief Executive Officer. "It's about sifting through the previously identified stolen data, analyzing other information in our databases that was not taken by the attackers, and making connections that enabled us to identify additional individuals."
In the case of these 2.4 million individuals, Equifax believes they had drivers license information taken—but perhaps only part of the information you can find on your license.
It was nothing like the original Twitter firestorm against Equifax, but it was still another bad day for Equifax PR:
New York's Attorney General was among those reacting on Twitter:
And is it possible the Equifax mega breach investigation may be left up to individual states? Perhaps.
Reuters recently reported that the federal government's Equifax probe may be on hold.
This, despite at least six ways Equifax failed at basic cybersecurity.
The SecureWorld report on the day by day timeline of the Equifax mega breach is also good refresher on what happened here, and how.
