Equifax, the global credit rating firm, publicly acknowledged its systems had been compromised and user information had been stolen. The data breach is one of the largest of its kind ever and stands to put millions of Equifax user information at risk. In fact, 143 million individuals may have seen their names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers stolen. To make things even worse, credit card numbers for approximately 209,000 U.S. consumers, and certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers, were pilfered. The breach is so bad it is questionable as to whether Equifax will be able to recover. A firm like that, that deals with sensitive personal information every second should have the most impenetrable systems around. Unfortunately it did not as hackers found a way to siphon data out.
In response, Equifax has set up a site to keep consumers up to date on their efforts to rectify the situation.
Now, according to a report in Mashable, Equifax has received a ransom request of $2.6 million in Bitcoin. The post states if the ransom is received by September 15th they will delete the stolen data. Except perhaps the credit card info which they may put to nefarious use.
Mashable quoted the hackers explaining;
“We are two people trying to solve our lives and those of our families,” the site explains. “We did not expect to get as much information as we did, nor do we want to affect any citizen. But we need to monetize the information as soon as possible.”
The site where Mashable uncovered the information is now offline. It will be curious to see if the ransom is actually accurate and IF Equifax will fork it over.
Regardless, Equifax screwed up. Big time.