Equifax suffered a March security breach months before the attack in July that compromised information for more than 140 million people. File Photo by Rhona Wise/EPA-EFE
Sept. 19 (UPI) -- Credit reporting agency Equifax has confirmed a major hacking attack -- this one five months before the recently announced July breach that exposed sensitive information of over 140 million Americans.
Equifax confirmed Monday that a previous hack occurred in March, Fortune reported. It wasn't immediately known how many people it may have impacted.
The new breach was revealed amid a Bloomberg report Monday that said Equifax initially hired the security firm Mandiant around the time of the hack in March. However, a company spokesperson for Equifax said that the hirings were unrelated to the incident.
Word of another hack adds to turmoil for the company that just last week saw the exit of two senior executives.
Analysts say three Equifax executives, though, may have a difficult time explaining their series unusual stock sales. They sold shares totaling nearly $2 million on Aug. 1 and Aug 2, three and four days after the second breach. If it could be proven that they knew the breaches could have damaged the company, they could be susceptible to charges of insider trading.
Bloomberg's report said the U.S. Department of Justice is looking into the stock sales. The Federal Trade Commission is already investigating the company over the July data breach.
The executives say they had no knowledge that the intrusions had occurred before they sold their shares.
Under a timeline given by the company, executives had a handful of days between selling their shares and finding out about the breach. Those sales occurred long after the March hack -- but before public disclosure of any security issues at all.
It is unclear whether the hacks are related.
A spokesperson for Equifax said the company is "working diligently with our bank partners to assess and mitigate any impact to their operations."