Equifax says a cyber attack leveraged against the company has exposed the personal data of approximately 143 million U.S. consumers.
Credit-reporting company Equifax has just announced a major cyber security breach that has exposed the data of approximately 143 million U.S. consumers.
What data was exposed?
The company says the following data was accessed:
Social Security numbers
driver’s license numbers
credit card numbers (approx. 209,000 U.S. consumers)
dispute documents (approx. 182,000 U.S. consumers)
Equifax says UK and Canadian residents may have been exposed as well.
When did this happen?
The company discovered the intrusion on July 29, and it believes the intrusion happened between mid-May and July 2017.
What did Equifax do when it discovered the intrusion?
The company says it immediately took action to stop the breach. It also hired a cybersecurity firm to learn more about the breach and determine how much data was exposed:
The company promptly engaged a leading, independent cybersecurity firm that has been conducting a comprehensive forensic review to determine the scope of the intrusion, including the specific data impacted. Equifax also reported the criminal access to law enforcement and continues to work with authorities. While the company’s investigation is substantially complete, it remains ongoing and is expected to be completed in the coming weeks.
How can I determine if my data was exposed in the breach?
Equifax has set up a dedicated website, www.equifaxsecurity2017.com where U.S consumers can determine if their data was impacted. The company is also offering free credit file monitoring and identity theft protection:
The offering, called TrustedID Premier, includes 3-Bureau credit monitoring of Equifax, Experian and TransUnion credit reports; copies of Equifax credit reports; the ability to lock and unlock Equifax credit reports; identity theft insurance; and Internet scanning for Social Security numbers – all complimentary to U.S. consumers for one year.
To determine if you were potentially impacted by the breach, you can visit the enrollment site and enter your last name and the last six digits of your Social Security number (no, the irony is not lost on us). If you were impacted, you’ll receive a message indicating just that. In any case, you’re given the option to sign up for identity theft protection and credit file monitoring.
The company says it will mail out notices to consumers whose credit card numbers and dispute documents were exposed in the breach.