Equifax Inc. (our primary credit bureau) announced a cybersecurity incident potentially impacting approximately 143 million U.S. consumers. Criminals exploited a U.S. website application vulnerability to gain access to certain files. Based on the company’s investigation, the unauthorized access occurred from mid-May through July 2017. The company has found no evidence of unauthorized activity on Equifax’s core consumer or commercial credit reporting databases.
The information accessed primarily includes names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. In addition, credit card numbers for approximately 209,000 U.S. consumers, and certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers, were accessed.
Equifax is working with law enforcement, a cybersecurity firm and regulators. In the meantime, the company has setup a website: https://www.equifaxsecurity2017.com/ with more information and to help consumers know if they were impacted. Customers should be vigilant over the next several months to check their credit card statements, and the Equifax website, for trending information and resources.
Here are links to two websites with information on how to freeze your credit if you desire: