The great Equifax mystery: 17 months later, the stolen data has never been found

“On September 7, 2017, the world heard an alarming announcement from credit ratings giant Equifax: In a brazen cyber-attack, somebody had stolen sensitive personal information from more than 140 million people, nearly half the population of the U.S.,” Kate Fazzini reports for CNBC. “It was the consumer data security scandal of the decade. The information included social security numbers, driver’s license numbers, information from credit disputes and other personal details. CEO Richard Smith stepped down under fire. Lawmakers changed credit freeze laws and instilled new regulatory oversight of credit ratings agencies.”

“Then, something unusual happened. The data disappeared. Completely,” Fazzini reports. “CNBC talked to eight experts, including data ‘hunters’ who scour the dark web for stolen information, senior cybersecurity managers, top executives at financial institutions, senior intelligence officials who played a part in the investigation and consultants who helped support it. All of them agreed that a breach happened, and personal information from 143 million people was stolen. But none of them knows where the data is now. It’s never appeared on any hundreds of underground websites selling stolen information. Security experts haven’t seen the data used for in any of the ways they’d expect in a theft like this — not for impersonating victims, not for accessing other websites, nothing.”

Fazzini reports, “Most experts familiar with the case now believe that the thieves were working for a foreign government, and are using the information not for financial gain, but to try and identify and recruit spies.”

Read more in the full article here.

MacDailyNews Take: Yes, one would certainly have expected major problems long before now if the data including Social Security numbers and other such sensitive personal information were floating around.

SEE ALSO:
Equifax website hacked again, distributes fake Adobe Flash plugin spreading malware – October 12, 2017
Equifax victims may face another hassle in buying an iPhone – September 14, 2017
Equifax’s latest breach is very possibly the worst leak of personal info ever – September 8, 2017

8 Comments

    1. If you say “The Trump Crime Family,” I will have some friends, who are totally not former KGB agents or MBS assassins, break your kneecaps.

      Don Jr
      Ownin’ the Libs, one crime at a time

  1. Let’s be positive and trust the world for once, so let’s suspect a true hacker, you know, a non malicious person with no criminal intent who simply wants to roam through the internet past the best security features or else steal data but do nothing with it just for fun. But this was before Corporate Capitalism took control of the free internet and made it proprietary and criminalized benign hacking by means of laws that gave the corporation a free pass.

  2. Ah, I’d forgotten about the Equifax breach … just had some headaches this weekend because we had a hacker go after a credit card account (“recovering” its username), where the first layer recovery requirements was information that was in the Equifax breach – – SSN and Birthday.

    FYI, it got caught because the CC company sends out a notification email when a Username or PW is recovered or reset, etc.

    If this happens to you, do go change the username after it was fraudulently recovered … but also ask the company to immediately freeze internet access to the account (make sure you still get paper billing, etc). In our case, we didn’t invoke a freeze after the first breach and the attackers simply repeated their breach ~12 hours after the first one, making us have to go (a) change it again, and (b) put the freeze on.

  3. The Chinese and Russians have the data and are using it to spy on US citizens. Collusion between those two commie nations is not surprising, it’s what they do.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.