Credit bureau Equifax, Inc., announced yesterday a cybersecurity incident potentially impacting approximately 143 million U.S. consumers. Criminals exploited a U.S. website application vulnerability to gain access to certain files. Based on the company’s investigation, the unauthorized access occurred from mid-May through July 2017.
The information accessed primarily includes names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. In addition, credit card numbers for approximately 209,000 U.S. consumers and certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers, were accessed.
As part of its investigation, Equifax also identified unauthorized access to limited personal information for certain UK and Canadian residents.
According to Krebs on Security, Equifax has set up a Web site here to allow those concerned to determine if they have been impacted. The site also lets consumers enroll in TrustedID Premier, a three-bureau credit monitoring service (Equifax, Experian and Trans Union) which also is operated by Equifax. Efforts to log in to the site have proven problematic for some. Read the full article here.