The Equifax hack could be worse than we thought. By Donna Borak and Kathryn Vasel
WASHINGTON (CNNMoney) — The Equifax breach may have exposed more personal information of customers than previously thought.
Additional information, including tax IDs and driver’s license details, may have been accessed in a hack that affected 145.5 million customers, according to confidential documents Equifax provided to the Senate Banking Committee seen by CNN.
In its original announcement of the hack, the company had revealed that some driver’s license numbers were exposed. The new documents show that the license state and issue date might have also been compromised.
Equifax spokesperson Meredith Griffanti told CNNMoney Friday that the original list of vulnerable personal information was never intended to represent the full list of potentiality exposed information.
The new documents now raise questions of how much information hackers may have accessed in Equifax’s cyber attack.
In its response to lawmakers, Equifax said the pieces of information compiled is “not exhaustive,” but represents common personal information that hackers usually search for.
Criminals can use personal information like this to open bank accounts and lines of credit, like a credit card or mortgage, without the victim’s knowledge.
“The more information scammers have about you, the easier it is for them to impersonate you,” said Lauren Saunders, associate director at the National Consumer Law Center. “And the easier it is for them to get by the protocols that banks and others use to make sure they are dealing with the right individual.”
The unauthorized access occurred from May through July 2017. The hackers exploited a website application vulnerability to gain access to the files, according to the company.