The credit reporting firm Equifax announced a massive cybersecurity breach that likely comprised the personal information of up to 143 million Americans—essentially half of the country, CNN reports.
Hackers gained access to sensitive information such as names, social security numbers, birth dates, addresses, and driver’s license numbers between mid-May and July, Equifax reports. The breach was discovered on July 29 by the firm. Credit card numbers for 209,000 U.S. customers were comprised, and Canadian and U.K. residents were also impacted by the data breach.
“This is about as bad as it gets,” Pamela Dixon, executive director of the World Privacy Forum, a nonprofit research group, told
The New York Times. “If you have a credit report, chances are you may be in this breach. The chances are much better than 50 percent.”
Equifax is one of three major consumer credit reporting agencies. The credit reporting agency handles data on more than 820 million consumers and more than 91 million businesses worldwide. This marks the third major cybersecurity threat for the agency since 2015. Equifax faced criticism Thursday for not doing more to beef up its security following those previous attacks.
“This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do,” Richard F. Smith, chairman and chief executive of Equifax, said in a statement. “Confronting cybersecurity risks is a daily fight.”
Equifax
created a website to help consumers determine whether their data was at risk. Consumers will not likely get confirmation right away if they’ve been affected, but the site provides an enrollment date for its protection service. Its credit protection service is free for one year for consumers who enroll by Nov. 21.
Equifax is also urging consumers
to get a free copy of their credit report from the three major credit bureaus: Equifax, Experian, and TransUnion.
Source: “Equifax Says Cyberattack May Have Affected 143 Million Customers,” The New York Times (Sept. 7, 2017)