The earlier breach was serious enough for the company to notify customers, and bring in the information security firm Mandiant to investigate. But the millions of Americans whose personal data the company stockpiles to power its services are not technically customers of the company, and so it did not inform them.
Following a report by Bloomberg, Equifax came clean about the breach in a statement. “Earlier this year, during the 2016 tax season, Equifax experienced a security incident involving a payroll-related service. The incident was reported to customers, affected individuals and regulators. This incident was also covered in the media.”
Interesting. I don't remember reading about an earlier hack, cause I figure something like that would get my attention and the attention of a few others on Hubski. Enough that someone would make a post.
Also, at this point it seems like it doesn't matter how good your security protocols are. The human element always seems to throw a monkey wrench into things.
Humans are always the bug, yes.
I'll repeat what I said when the more recent breach came to light: until companies have some skin in the game, this is going to keep happening.