A huge data breach happened at Equifax, leaving hundreds of thousands of consumers with their personal information in the hands of nefarious criminals. Equifax is one of the three major consumer credit reporting agencies in the United States. That makes it the caretaker of a veritable treasure trove of personal information for cyber criminals. That information includes Social Security numbers, birth dates, addresses, driver’s license numbers, and sometimes even credit card information. Read on to find out everything you should know about the 2017 Equifax breach.
What Happened with the 2017 Equifax Breach?
According to the consumer notice provided by the company, Equifax fell victim to a cyber criminal attack sometime in May 2017. The intrusion targeted a US website application vulnerability in order to gain access to files in Equifax’s network.
On July 29, 2017, Equifax finally discovered the breach. It acted immediately to stop the intrusion, but the criminals had already been privy to the sensitive information for more than two months. Equifax hired a leading independent cybersecurity firm. That firm is determining the scope of the intrusion and what data the breach impacted. It also notified law enforcement, and the investigation is ongoing.
How Much Data Was Stolen?
The company hasn’t divulged how much data the 2017 Equifax breach included, or how many total consumers it affected. It has revealed that the information accessed includes “names, Social Security numbers, birth dates, addresses, and in some instances, driver’s license numbers.”
On top of that, the breach included credit card numbers for about 209,000 consumers. Finally, there were dispute documents, which can include other personally identifiable information, stolen for approximately 182,000 consumers.
If there’s a silver lining here, it lies in the fact that Equifax has not found any evidence of unauthorized access to its core consumer or commercial credit reporting databases. So your credit information is safe, even if your personal identification details aren’t.
What’s Equifax Doing About It?
Equifax has taken steps to stop the intrusion, as previously noted. The company has also hired experts to conduct an assessment and recommend further steps to prevent something like this from happening again.
The company is also offering free identity theft protection and credit file monitoring to all US consumers, even those not impacted by the 2017 Equifax breach. Equifax has set up a special website to allow consumers to find out if their data might have been accessed, and sign up for the identity theft and monitoring plan. There’s a catch, though.
What Do I Do Now?
You have two choices, really. You can visit the special website Equifax is using to let consumers know if they’ve been affected and to sign up for identity theft protection. There are a couple major problems with this, though.
First of all, you have to be willing to trust Equifax’s servers with even more information. Rather than asking for the typical last four digits of your Social Security number to confirm your identity, the page asks for six digits.
Up Next: Finding out if you’re affected and finding a trusted identity theft protection product