Equifax announced that a recent cybersecurity incident could have “potentially” impacted 143 million U.S. consumers in a massive data breach. According to Equifax, criminals “exploited a U.S. website application vulnerability to gain access to certain files” from the credit reporting firm.
Equifax claims that information accessed by the criminals contains “names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers,” in addition to the credit card numbers of 209,000 consumers and “certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers.”
The company discovered the breach on July 29. Through Equifax’s own investigation, the company believes the unauthorized access took place from mid-May through July 2017.
Equifax has created a new, dedicated website, www.equifaxsecurity2017.com, which lets consumers determine if their information may have been affected in the breach. The company is also offering users one year of free credit file monitoring and identity theft protection.