Equifax Breach affects 143 Million in the US

Equifax Data Breach

Credit reporting agency Equifax announced a massive data breach on 7 September that it says could potentially impact 143 million US customers. Equifax is one of the three largest US credit bureaus that collects and maintains consumer financial data for hundreds of millions of people in the US and Canada.

According to an AFP article, “Equifax said that a hack it learned about on July 29 had the potential to affect 143 million US customers, and involved some data for British and Canadian residents.” A statement on Equifax’s informational website dedicated to updates on the breach stated that “the unauthorized access occurred from mid-May through July 2017,” and that the information accessed included “names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers” as well as “credit card numbers for approximately 209,000 U.S. consumers, and certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers.” Personal information of UK and Canadian residents was also accessed.

Equifax’s handling of the data breach has been criticized because of the 41 day delay between their discovery of the breach on 29 July and their disclosure of the breach on 7 September.

News that three Equifax senior executives, including Chief Financial Officer John Gamble, sold Equifax stock after the breach was discovered but before the breach was publicly announced only intensified public dissatisfaction with how the company has dealt with one of the largest and most damaging data breaches to date.

The Yahoo data breaches of 2013 and 2014 affected a greater number of users accounts, over 1 billion, but the data types exposed by this Equifax breach, a package of personally identifiable information including full social security number and possibly credit card numbers, makes this breach potentially more damaging than the larger Yahoo breach.

What Should I Do Now? Help for those affected by the data breach.

The Federal Trade Commission’s Identity Theft Recovery website now includes a section specifically for those affected by the Equifax Data Breach with a list of helpful links and recommended steps like enrolling in the free credit monitoring program offered by Equifax, placing a freeze or fraud alert on your credit report, and being vigilant with your accounts now and during tax time, and being on the lookout for scams.

For recommendations and links for those affected by the Equifax breach, read our CSCC Best Practices article.

For more information about Identity theft protection, visit the Federal Trade Commission’s articles on Identity Theft Protection and the Credit Freeze FAQs page.


Equifax, Equifax Announces Cybersecurity Incident Involving Consumer Information

AFP, 143 Million Affected in Hack of U.S. Credit Agency

AFP, Massive Credit Bureau Hack Raises Troubling Questions

The Hacker News, Equifax Data Breach: Steps You should Take to Protect Yourself

Federal Trade Commision, IdentityTheft.gov, When Information Is Lost or Exposed