Equifax Announces Second Data Breach Occurred Five Months Ago

The Equifax data breach that exposed the records of 143 million consumers was not the only data breach the firm experienced this year. Equifax has said a second, earlier breach was discovered in March. A statement released by the credit monitoring agency says the two attacks were unrelated; however, Bloomberg suggests one person close to the investigation suggested both attacks were performed by the same individuals.

It may be that the attacks were performed by different groups with different goals, including using Equifax to gain access to the systems of partner organizations such as banks and other financial institutions.

When the first breach was discovered, cybersecurity firm Mandiant was called in to assist with the investigation. It would appear that Equifax felt the first breach had been mitigated and its systems secured. However, just four months after the first breach, Mandiant was called upon again to investigate the second attack.

No details have so far been released about how many individuals were impacted by the first breach, although Equifax says it complied with all notification requirements in relation to the first breach.

News that the credit agency has suffered two major breaches in the space of a year is likely to see the firm scrutinized even more closely over its cybersecurity policies and procedures. The firm is also likely to be investigated for its handling of the first breach.

On top of that, there is the matter of stock sales by three executives at the firm, which occurred just a few days after the discovery of the second 143-million record breach; before details had been made public. The shares were sold on August 1 and 2, 2017. The breach was detected by Equifax on July 29, 2017.

A criminal investigation has already been launched over insider trading by those executives. Bloomberg reports the new timeline for the hacks also brings another sale of $1.91 million of stock into question, with the trade having occurred soon after the first breach was discovered.

Author: Richard Anderson

Richard Anderson is the Editor-in-Chief of NetSec.news