A gargantuan data breach involving one of the nations leading credit monitoring companies has exposed the personal data of 143 million Americans.
Atlanta-based Equifax, one of three major U.S. credit bureaus, announced on Thursday that “criminals” had used a website application to access files between mid-May and July of this year.
Although, the company said in a statement, its consumer and commercial credit reporting databases were not breached, the company announced that the information that had been accessed included names, Social Security numbers, birth dates, addresses and in some cases drivers license numbers of approximately 143 million individuals. More than 200,000 U.S. credit card numbers also were accessed by hackers.
“This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do. I apologize to consumers and our business customers for the concern and frustration this causes,” said Chairman and Chief Executive Officer Richard F. Smith, in a statement.
The company has launched a website, www.equifaxsecurity2017.com, to help people determine if their data was breached and will be directly contacting those whose data was accessed.
Equifax said that it discovered the breach on July 29 and immediately hired a cybersecurity firm to begin a review and also contacted law enforcement.
“On a scale of one to 10, this is a 10 in terms of potential identity theft,” Gartner security analyst Avivah Litan told the Associated Press. “Credit bureaus keep so much data about us that affects almost everything we do.”
In related news, regulatory filings indicate three Equifax executives, including the company CFO, sold stock after the data breach was discovered July 29, but before alerting the public.