Credit-monitoring company Equifax Inc. suffered a security breach that could affect up to 143 million people in the United States, as well as expose the “limited personal information” of an undisclosed number of Canadian and British Equifax users.
Equifax did not indicate the number of Canadians/British that could be affected or how, and Equifax Canada spokesperson Tom Carroll said the company is not providing any further information on the impact of the hack in Canada.
Based in Atlanta, Equifax is one of three major credit bureaus in the United States. Between May and July of this year, the company stated that cyber-attackers exploited a U.S. website application to access files which contained the personal information sought by the hackers.
“On a scale of 1 to 10, this is a 10 in terms of potential identity theft,” said Gartner security analyst Avivah Litan. “Credit bureaus keep so much data about us that affects almost everything we do.”
Names, addresses, birthdates, social security numbers and drivers license numbers were all among the information obtained. Equifax said its core credit-reporting databases don’t appear to have been breached.
“This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do,” Equifax CEO Richard Smith said in a statement. “I apologize to consumers and our business customers for the concern and frustration this causes.”
For more information, and to find out if you have been personally affected, you can use the website www.equifaxsecurity2017.com, which has been set up by Equifax. The website allows users to verify if their information was potentially affected, and helps them sign up for the free credit-file monitoring and identify-theft protection offered by Equifax in light of the breach.
NOTE: Some people are furious about the site’s functionality, and it includes an arbitration clause, which means that people who use the site waive their rights to a class-action lawsuit.
While SolidTrust Pay was not affected by the attack, events such as these serve as a reminder to always employ best security practices. We suggest that users update passwords and use a password manager, delete old accounts with personal information if you are no longer using them, and follow our 10 steps for better internet safety!