Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

Nearly 40 US states probe Equifax handling of major data breach

Illinois, Connecticut and Pennsylvania are among a number of states looking into the way Equifax handled a breach of personal information for up to 143 million people

Diane Bartz,David Shepardson
Thursday 14 September 2017 09:41 BST
Names, addresses, driving licenses and social security details were breached by hackers
Names, addresses, driving licenses and social security details were breached by hackers (REUTERS)

Nearly 40 US states have joined a probe of Equifax’s handling of a massive data breach that exposed valuable information on up to 143 million Americans and sent shares of the credit reporting company tumbling.

Congress is also probing the hack, and Equifax’s chief executive, Richard Smith, is expected to testify on 3 October before a US House of Representatives panel.

Equifax’s shares have fallen more than 30 per cent amid revelations of investigations into the data breach and the company’s decision to delay disclosing it.

Illinois is leading the state Equifax probe, according to Eileen Boyce, a spokeswoman for the state’s attorney general, Lisa Madigan.

Connecticut and Pennsylvania are part of the probe, the Connecticut state attorney general has said. Iowa and Rhode Island have also both acknowledged joining the group.

Even amid disclosures of data breaches at a broad array of companies and government agencies in recent years, the Equifax hack stands out.

Cyber security experts said it was among the largest hacks ever recorded and was particularly troubling due to the richness of the information exposed: names, birthdays, addresses and social security and driver’s license numbers.

Equifax did not respond to telephone calls or emails seeking comment.

US representative Carolyn Maloney, a member of the House subcommittee on Capital Markets, Securities and Investment, asked the CEOs of credit reporting companies TransUnion and Experian how each is addressing its information security programme in light of the Equifax data breach.

She said the hackers in the Equifax case likely exploited security flaws in open-source software, called Apache Struts, that was used by Equifax. She wants to know if the Equifax rivals downloaded security fixes for the software.

Stock trader Ken Polcari, director of the NYSE floor division at O’Neil Securities in New York, said the shares are sinking because of Equifax’s poor handling of a terrible breach.

“It’s a disaster. This breach has put almost every adult American in jeopardy. I don’t think (the share drop) is over by any stretch. This is just going to get uglier and uglier for them,” he said.


Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies


Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in