Equifax now admits passport info was among stolen data in huge breach

Posted at 3:59 PM, May 10, 2018
and last updated 2018-05-10 12:37:20-04

(RNN) – Equifax has reversed previous denials by admitting thousands of passport numbers were among the documents left exposed in a massive data breach that has rattled the company since September.

The credit reporting agency made the admission in a filing with the Securities and Exchange Commission last week.

Equifax spokesperson Meredith Griffanti told multiple media outlets in February there was “no evidence” that passport info had been stolen, when Sen. Elizabeth Warren, D-MA, released a report which said it had.

“Equifax failed to disclose the fact that hackers gained access to consumers’ passport numbers,” Warren’s report said.

In last week's filing, a “Form 8-K” report which companies must submit to make major announcements, Equifax acknowledges that after a recent analysis of documents “stolen in the cybersecurity incident” it determined the following had been compromised, in addition to the original information disclosed:  

  • 38,000 driver’s licenses
  • 12,000 social security or taxpayer ID cards
  • 3,200 passports or passport cards
  • 3,000 other government-issued identification documents such as military IDs, state-issued IDs and resident alien card

Equifax specified these were documents belonging to customers already affected, and did not represent additional customers.

The bulk of compromised data first disclosed included more than 145 million names, dates of birth and Social Security numbers.

Millions of addresses, phone numbers and driver’s license numbers were also stolen.

In a release this week, Equifax said it the new disclosures were “part of its commitment to transparency” and do not “identify additional stolen data or newly impacted consumers.”

The scandal has resulted in the resignations of multiple executives, including CEO Richard Smith.

Copyright 2018 Raycom News Network. All rights reserved.