Equifax has admitted that a second hack hit the company in March of this year, just months before the mega July data breach that affected almost 143 million people.
US credit reporting company Equifax has said that the two breaches are not related, however, a company spokesperson talking to Bloomberg did say both data hacks were carried out by the same attackers.
Independent cyber security firm Mandiant was brought in by Equifax in March to investigate the breach and were called in again when the second data breach occurred later in the year.
The cyber security firm has been working to find out what customer information was accessed and identify who has been affected so the company can plan the next steps to ‘fix’ the problem for customers.
In September, after the news that Equifax had been hacked Richard F. Smith, Chairman and CEO Equifax, said: “We pride ourselves on being a leader in managing and protecting data and we are conducting a thorough review of all our overall security operations.
“This is clearly a disappointing event for our company. I apologize to consumers and our business customers for the concern and frustration this causes.”
Customers who think they may have been affected can contact the US compnay through a designated website, however the crisis will only increase now there’s been a second known breach announced.
The first announced breach affected up to 143 million US customers and around 400,000 UK customers – a fact which wasn’t announced until six weeks after the event.
Following both of the data breaches Equifax announced yesterday the departure of both the Chief Information Officer and Chief Security Officer. Since the announcement, the credit firm has filled the vacancies. Equifax has appointed Mark Rohrwasser as CIO and Russ Ayres as CSO.
Since the news broke earlier in September and now following a second data breach, the company’s stock shares fell by almost 1.3% to $94.38 on Monday.
Equifax has said the internal investigation of its security system and data breach is still on-going and the credit reporting company is still working with Mandiant and the FBI in the investigation.
This article is from the CBROnline archive: some formatting and images may not be present.
Join Our Newsletter
Want more on technology leadership?
Sign up for Tech Monitor's weekly newsletter, Changelog, for the latest insight and analysis delivered straight to your inbox.