Equifax may have left out an important detail when it disclosed the breach that compromised the personal information of 143 million US consumers.
Bloomberg, citing three unnamed "people familiar with the situation," reported on Monday that Equifax was hacked almost five months before the incident it disclosed on Sept. 7. The previous hack may have been carried out by the same attackers who eventually stole troves of personal information.
That means that the credit-reporting agency actually "suffered two major incidents in the span of a few months," the report notes.
After each breach, the company hired security firm Mandiant to investigate. Bloomberg reported that Equifax may have believed it addressed the issue the first time around, "only to have to bring the investigators back when it detected suspicious activity again on July 29."
Equifax on Sept. 7 revealed that criminals "exploited a US website application vulnerability" to gain access to credit card numbers, dispute documents with personal identifying information, names, Social Security numbers, birth dates, addresses, and some driver's license numbers. Equifax is offering affected individuals free credit file monitoring and identity theft protection, but, according to The New York Times, many affected users have faced "dead links and terminated calls" when trying to get help from the company.
Equifax is now facing several investigations and lawsuits related to the breach, including a criminal probe by the US Justice Department about fishy stock sales made by Equifax executives ahead of the company's breach disclosure. Three senior Equifax executives — Chief Financial Officer John Gamble, President of U.S. information solutions Joseph Loughran, and President of workforce solutions Rodolfo Ploder — "sold shares worth almost $1.8 million" on Aug. 1 and Aug. 2, the report notes.
Equifax maintains that the executives "had no knowledge that an intrusion had occurred" when they made those transactions, but, as Bloomberg pointed out, "there were fewer than a handful of days between the stock sales and the date Equifax said the breach was discovered."
Meanwhile, the new revelations come after security researchers recently discovered that the personal information of thousands of Argentinians may also be at risk due to lax Equifax security practices. Researchers at Milwaukee-based information security firm Hold Security recently discovered a portal used by Equifax employees in Argentina that was practically "wide open" for anyone to access, according to security researcher and author of the KrebsOnSecurity blog Brian Krebs.