
Ask HN: Why are companies seemingly always reporting incorrect breach numbers - cwperkins
I am starting to become skeptical when a company first releases breach numbers. We have seen now on numerous occasions Equifax, Wells Fargo and now Yahoo revise their numbers upwards. My question is: is this because the company is generally giving a good faith estimate before getting the actual number, or is this an attempt by the companies to publicly minimize the extent of the hack and then revising later.
======
byoung2
It could also be that the people responsible for reporting the numbers (PR,
communications) are not the same people responsible for investigating the
breach (IT, engineering).

