Skip to content

Equifax Says It Sent Wrong Letters to Some Consumers Affected by Hack

April 02, 2018
2 min read
Equifax Logo
Equifax Says It Sent Wrong Letters to Some Consumers Affected by Hack
The cards we feature here are from partners who compensate us when you are approved through our site, and this may impact how or where these products appear. We don’t cover all available credit cards, but our analysis, reviews, and opinions are entirely from our editorial team. Terms apply to the offers listed on this page. Please view our advertising policy and product review methodology for more information.

Equifax has confirmed that after its vast data hack in 2017, in which almost 150 million people had their personal information breached, it has been sending incorrect notification letters to a "small percentage" of affected consumers, the credit bureau told CNBC on Monday.

A glitch in the company's system led to a recent batch of notification letters that contained incorrect personal details for the consumers to which they were addressed. For instance, one consumer told CNBC he received a letter from Equifax that had the right address but the incorrect name.

The batch of botched notification letters was meant to inform those consumers whose partial driver's license numbers had been stolen by the hackers.

"As a result of ongoing analysis of data stolen in last year's cybersecurity incident, we announced on March 1 that we had confirmed the identities of U.S. consumers whose partial driver's license information had been taken and that we would notify these newly identified U.S. consumers directly," Equifax said in a statement to CNBC.

"We recently initiated this notification process by mail and have learned that a very small percentage of the notifications were sent to the wrong addresses due to the complex nature of determining the best address match to a consumer and, in some cases, mailing addresses on record may be out-of-date or incorrect," the statement continued.

The September 2017 data breach exposed consumers' sensitive information such as their names, Social Security numbers, birth dates, addresses, driver's license and credit card numbers. Earlier this year, Equifax also disclosed to the Senate Banking Committee that the hackers exposed additional consumer data, including tax identification numbers, email addresses and phone numbers. Plus, some smaller details, such as credit card expiration dates and driver's license issuing state.

Daily Newsletter
Reward your inbox with the TPG Daily newsletter
Join over 700,000 readers for breaking news, in-depth guides and exclusive deals from TPG’s experts

Shortly after the hack last year, Equifax also corrected the number of people affected, saying that in fact, 2.5 million more Americans than originally reported had their personal data stolen.

The company has offered free credit monitoring services for one year. Among other tips, experts recommend consumers freeze their credit.

The exact number of incorrect letters sent to consumers remains unclear, as Equifax declined to release the number, according to CNBC.

Featured image by NurPhoto via Getty Images