Equifax Hack Exposes Personal Data Of 143 Million People

Credit monitoring company Equifax has admitted to a devastating hacking that has potentially impacted approximately 143 million US consumers.

The admission of the ‘cybersecurity incident’ (which was  discovered in late July), came after hackers apparently “exploited a US website application vulnerability to gain access to certain files.”

The data breach is hugely damaging, as it has exposed social security numbers, birth dates, addresses, and in some instances, driver’s license numbers, all of which are incredibly valuable to criminal gangs.

Brits Also Affected

Shares in the firm have plunged on the stock markets as news of the data breach emerged.

And to make matters worse, credit card numbers for approximately 209,000 US consumers, and certain dispute documents with personal identifying information for approximately 182,000 US consumers, were also accessed.

“Based on the company’s investigation, the unauthorised access occurred from mid-May through July 2017,” Equifax admitted. “ The company has found no evidence of unauthorized activity on Equifax’s core consumer or commercial credit reporting databases.”

And the fallout is not just limited to the United States, as the Equifax investigation “also identified unauthorised access to limited personal information for certain UK and Canadian residents.”

The firm pledged to work with UK and Canadian regulators to determine appropriate next steps, and has said that it has found no evidence that personal information of consumers in any other country has been impacted.

Equifax has set up the following website to help consumers determine if their information has been impacted and to sign up for credit file monitoring and identity theft protection. It will also notify affected customers.

Equifax said that it has discovered the unauthorised access on 29 July and acted immediately to stop the intrusion.

It apparently engaged a cybersecurity firm that has been conducting a comprehensive forensic review to determine the scope of the intrusion, including the specific data impacted.

It has also reported the breach to all revelant law enforcement agencies.

Loading ...

“This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do,” said Chairman and CEO Richard F. Smith. “I apologise to consumers and our business customers for the concern and frustration this causes.

“We pride ourselves on being a leader in managing and protecting data, and we are conducting a thorough review of our overall security operations. We also are focused on consumer protection and have developed a comprehensive portfolio of services to support all US consumers, regardless of whether they were impacted by this incident.

“I’ve told our entire team that our goal can’t be simply to fix the problem and move on. Confronting cybersecurity risks is a daily fight. While we’ve made significant investments in data security, we recognize we must do more. And we will.”

It is worth noting that Equifax has been hacked before. In 2013 it (along with Experian and TransUnion) admitted that financial files of four high-profile individuals had been compromised.

This is not the largest ever data breach (that dubious honour goes to Yahoo), but it is still novertheless a significant hack.

It is also much bigger than the 2015 hack at the health insurer Anthem, that involved the social security numbers of about 80 million people .

Quiz: Are you a security pro?

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Apple, Google Mobile Ecosystems Should Be Investigated, CMA Told

CMA receives 'provisional recommendation' from independent inquiry that Apple,Google mobile ecosystem needs investigation

2 days ago

Australia Rejects Elon Musk Claim About Social Media Ban For Under-16s

Government minister flatly rejects Elon Musk's “unsurprising” allegation that Australian government seeks control of Internet…

2 days ago

Northvolt Files For Bankruptcy Protection In US

Northvolt files for Chapter 11 bankruptcy protection in the United States, and CEO and co-founder…

2 days ago

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

3 days ago

Former Policy Boss At X, Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

3 days ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

3 days ago