Equifax on Thursday disclosed that 2.4 million additional customers had information stolen in a 2017 cyber attack. The company said it overlooked the victims in prior forensic analysis of the incident.
The credit rating agency Equifax said on Thursday that it has identified 2.5 million additional victims of a months long hack it first disclosed in September, 2017.
In a filing with the U.S. Securities and Exchange Commission (SEC), Equifax said that an “ongoing analysis” of data stolen last year confirmed the identities of 2.4 million additional U.S. consumers who had their name and partial driver’s license information stolen. Equifax had earlier admitted that more than 140 million people had information exposed to hackers.
The company said it would notify the newly identified U.S. consumers and provide them with identity theft protection and credit file monitoring services.
According to Equifax, the oversight was a byproduct of the forensic examination of the 2017 incident. Victims in the initial examination were identified by Social Security Number as well name. Driver’s license number was not used as an identifier, Equifax acknowledged.