Seventeen months after the Equifax data breach, many believe the data was stolen by a nation-state and not, as previously believed, criminals planning to sell the data for profit on the dark web, CNBC reports. Sensitive data of 143 million people—including their Social Security numbers, driver’s licence numbers, and credit reporting data—was stolen back in September 2017; since then, it has failed to resurface.
CNBC writes security specialists and data hunters, whose job it is to look for stolen information on the dark web, didn’t manage to find any trace of it. As far as they are concerned, it also hasn’t been used for scams. While at first data might have been too “hot,” specialists suggest it should have resurfaced by now if it was intended for financial gain—the older it is, the less useful it is for thieves.
According to Jamil Farshchi, Equifax chief information security officer, the company has been working with federal and state authorities, and they have found no indication “that the data has been disclosed, that it has been used or that it has been offered for sale."
However, if the information was obtained by a foreign nation-state, it might be used for espionage. According to the CNBC, the data analysed with the use of AI or machine learning can serve to identify and recruit spies.