I suspect the pre-breach number is less than one percent.
I base this guess loosely on some data I received from the head of security at Dropbox, who told Krebs On Security last year that less than one percent of its user base of 500 million registered users had chosen to turn on 2-factor authentication for their accounts.
-Prior to the Equifax breach, approximately how many Americans had chosen to freeze their credit files at Equifax?
-Approximately how many total Americans today have requested a freeze from Equifax?
However, if only one half of one percent of Americans chose to freeze their credit files before Equifax announced its breach — and if the total number of Americans requesting a freeze post-breach rose to, say, one percent — that would still be a huge jump (and potentially a painful financial hit to Equifax and the other bureaus).
So without further ado, here are some questions I’d ask on the topic of credit locks and freezes: -Approximately how many credit files on Americans does Equifax currently maintain?
Helpfully, Smith clarified early on in the hearing that the company’s customers are in fact banks and other businesses — not consumers.
Smith told lawmakers that the breach stemmed from a combination of technological error and a human error, casting it as the kind of failure that could have happened to anyone.
Smith artfully dodged questions of why the company waited so long to notify the public, and about the perception that Equifax sought to profit off of its own data breach.
One lawmaker noted that Smith gave two public speeches in the second and third weeks of August in which he was quoted as saying that fraud was a “a huge opportunity for Equifax,” and that it was a “massive, growing business” for the company. 17 address, he said “we did not know how much data was compromised, what data was compromised.” Follow-up questions from lawmakers on the panel revealed that Smith didn’t ask for a briefing about what was then allegedly only classified internally as “suspicious activity” until August 15, almost two weeks after the company hired outside cybersecurity experts to examine the issue.
He declined to explain (and lawmakers inexplicably failed to ask) how 145.5 million Americans — nearly 60 percent of the adult population of the United States — could have had their information tied up in a dispute portal at Equifax.