Equifax hacked months earlier than previously admitted

Laverne Mann
September 20, 2017

Equifax Canada said the information includes names, addresses, social insurance numbers (SIN) and, in limited cases, credit card numbers. It has since hired an outside cybersecurity firm to investigate.

"Earlier this year, during the 2016 tax season, Equifax experienced a security incident involving a payroll-related service".

TORONTO _ Equifax is facing investigations in both Canada and the USA into its massive data breach, but lawyers say the punitive threat by regulators is stronger south of the border. The incident was reported to customers, affected individuals and regulators. "The two events are not related".

On Friday, the nation's top privacy watchdog announced it has formally launched an investigation into the recent data breach, intending to quantify the scope of impact for Canadians who may have had their information compromised.

Equifax has been under intense scrutiny for almost two weeks since disclosing the breach, which went unnoticed for more than a month before it was discovered at the end of July.

More news: Lady Gaga postpones tour due to 'severe physical pain'
More news: Penny saver: Gas prices blow back after Harvey, Irma increases
More news: DRC says it has opened inquiry into fatal shooting of Burundian refugees

Federal investigations: Equifax is being investigated by both the Department of Justice and the FBI.

Other attorneys general from New York, Illinois, Pennsylvania and CT have also launched investigations into the breach. "Companies - including every single member of the C-suite - must change to a Zero Trust security posture so that when updating their technology, it follows a new, innovative mindset, rather than continuing the insanity cycle with the next generation of flawed technology", said Panesar. Equifax shares have fallen 35% since the breach was disclosed on September 7 after the market close.

Equifax is offering free credit monitoring services in response to the breach, but the attorneys general today objected to Equifax "seemingly using its own data breach as an opportunity to sell services to breach victims", they wrote.

Equifax has previously said the executives "had no knowledge that an intrusion had occurred" at the time they sold their shares. However, the vulnerability could have been fixed back in early March when patches became available.

Other reports by MaliBehiribAe

Discuss This Article

FOLLOW OUR NEWSPAPER