Equifax hackers reportedly accessed more personal information than previously disclosed, but the additional breach may not have put consumers at more risk than they already are, a cybersecurity expert says.
The credit rating agency, which disclosed the massive hack in September, reported the additional breaches in documents submitted to the Senate Banking Committee, the Wall Street Journal reported Friday.
In addition to the data that had previously been disclosed, hackers were able to access “tax identification numbers, email addresses and drivers’ license information beyond the license numbers,” the Journal said.
More than 145 million Americans were affected by the Equifax hack last summer. The personal information accessed—which included Social Security numbers, driver’s license numbers, and credit card numbers—would allow criminals to steal a consumer’s identity and open fraudulent accounts.
While alarming, the disclosure that additional personal information was accessed doesn’t necessarily put consumers at more risk than before.
“This is negative news, and it doesn’t look good for Equifax,” says Al Pascual, senior vice president and research director at Javelin Strategy & Research. “But considering the scale of the breach, this additional information doesn’t move the needle. If the additional data is encompassed within the 145 million people originally impacted, then it’s not something to be concerned about.”