Skip to main content

Equifax could make money from its own breach; 2.4 million more are exposed

Atlanta-based Equifax disclosed in September that a “cybersecurity incident” exposed the data of approximately 143 million U.S.-based customers. Six months later, the credit-rating agency added another 2.4 million U.S.-based customers to that number as part of an ongoing analysis. But while the company appears to be apologetic and embarrassed over the hack on the outside, Senator Elizabeth Warren, D-MA, believes the company could actually generate cash from the breach. 

How? Because it sells credit protection “devices,” or services. Even if customers swear they will never do business with Equifax again after the 2017 breach, third-party credit protection services may still use Equifax. That means the company is reeling in the big bucks from its own breach no matter where customers land. But Senator Warren and Senator Mark Warner, D-VA, want to change that. 

Recommended Videos

According to their proposal called “strict liability,” every customer gets $100 for the theft of the first piece of data, and $50 for every piece of data stolen thereafter up to half the value of the company. They believe this will push credit-rating agencies to get serious about investing in what is needed to protect Americans and their personal information. If not, we can count on another massive Equifax-style breach in the near future. 

Please enable Javascript to view this content

“It’s hard. It’s flat. It’s easy to read,” she said. “And the point is to get the credit-rating agencies to take the right level of security. They take the right level of security, they invest enough in security, then the American people will be protected.” 

After a five-month investigation, Warren released a report detailing Equifax’s shortcomings regarding data protection. She details how security researchers warned of a vulnerability in the website, and how the company never confirmed that administrators actually patched the security hole. The Department of Homeland Security and external experts even warned Equifax of various vulnerabilities before the breach. Smaller break-ins took place prior to 2017. 

What’s interesting is Equifax’s fight with the Internal Revenue Service (IRS). According to the report, Equifax essentially coerced the IRS into signing a new $7.2 million contract by using “federal contracting loopholes” knowing full well it had security issues. But the IRS eventually canceled the contract after discovering the additional security weaknesses that could expose the sensitive information of taxpayers. 

“We found out that Equifax failed to follow its own internal requirements for notifying consumers following the breach of sensitive data,” she said. “And we found that Equifax’s entire cybersecurity apparatus was inadequate to protect American consumers.” 

The 2017 hack exposed credit card numbers, Social Security numbers, names, birth dates, addresses, and partial driver’s license numbers. Equifax discovered the network breach on July 29 but didn’t make the data leak known until the following September. The hack took place sometime between May and July of that year. 

“We put [our investigation] together from a lot of different places and found out that Equifax, quite simply, had not told the whole story to the American people,” Warren said. “What they did was worse, a whole lot worse, than they originally admitted.” 

Kevin Parrish
Former Digital Trends Contributor
Kevin started taking PCs apart in the 90s when Quake was on the way and his PC lacked the required components. Since then…
1Password vs. NordPass: which password manager is best in 2025?
1Password and NordPass reviews appear beside one another on a PC monitor.

1Password and NordPass are among the most popular and best password managers available. Both offer significant improvements over the built-in solutions you get from Microsoft, Apple, and Google, making it hard to choose between them.

I've reviewed the latest versions of 1Password and NordPass in 2025 and can share some insights into the differences and compare prices to help you discover which offers the best value for you.
Specs

Read more
This iBuyPower gaming PC with RTX 4060 is under $1,000 — for now
The iBUYPOWER Trace 7 Mesh gaming desktop on a white background.

Gaming PC deals worth buying still usually cost more than $1,000 after the discounts, but here's an offer from Best Buy that's available for a more affordable price. The iBuyPower Trace 7 Mesh, which is originally sold for $1,300, is down to just $900 following a $400 discount. We're not sure how much time is remaining before this bargain ends, so if you're interested in this gaming desktop, you need to push forward with your purchase immediately if you want to secure the savings.

Why you should buy the iBuyPower Trace 7 Mesh gaming PC
The iBuyPower Trace 7 Mesh is a relatively affordable gaming PC, but it doesn't sacrifice much in terms of performance. It runs on the AMD Ryzen 7 5700 processor and the Nvidia GeForce RTX 4060, which is in our list of the best graphics cards as our recommendation for 1080p gaming. It has 16GB of RAM, which is the best place to start for a gaming PC, according to our guide on how much RAM do you need. With these components, you won't have trouble playing the best PC games, though you'll have to go with medium settings for the more demanding titles.

Read more
Google gives memory superpowers to Gemini for more natural chats
Google Gemini running on an Android phone.

Google is finally bringing a crucial new feature to Gemini that will solve a key pain point of interacting with its AI chatbot. The company is enabling a memory feature which allows Gemini to pull up details from a past conversation.

“Whether you’re asking a question about something you’ve already discussed, or asking Gemini to summarize a previous conversation, Gemini now uses information from relevant chats to craft a response,” says a Google update.

Read more