Credit score reporting agency Equifax hack potentially exposes 143 million customer's details

By on
Credit score reporting agency Equifax hack potentially exposes 143 million customer's details

Equifax, a provider of consumer credit scores, said personal details of as many as 143 million US consumers were accessed by hackers between mid-May and July, in what could be one of the largest data breaches in the United States.

The details accessed included names, social security numbers, and, in some cases, driver's license numbers, Equifax said.

In addition, credit card numbers of around 209,000 US consumers and certain dispute documents with personal identifying information of around 182,000 US consumers were accessed, the company said.

"The sheer scope of the breach is extremely troubling," said Ryan Kalember, senior vice president of the cyber-security firm Proofpoint.

Equifax also said personal information of certain UK and Canadian residents were also hacked.

The company said it was working with law enforcement agencies and had hired a cyber-security firm to investigate.

"This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do," chief executive Richard Smith said in a statement.

Atlanta-based Equifax tracks consumer history and credit card scores for borrowers and lenders. The company also helps consumers manage and protect their personal information.

"On a scale of 1 to 10, this is a 10. It affects the whole credit reporting system in the United States because nobody can recover it, everyone uses the same data," Avivah Litan, a Gartner analyst who tracks identity theft and fraud, told Reuters.

In October 2015, Equifax rival Experian Plc revealed a data breach that exposed sensitive personal data of some 15 million people who applied for service with T-Mobile.

Equifax, which discovered the hack on 29 July, said its core consumer or commercial credit databases were not impacted.

The company said criminals exploited a US website application vulnerability to gain access to certain files. The company did not provide further details.

Last December, Yahoo said more than 1 billion user accounts were compromised in August 2013, while in 2014 e-commerce company eBay Inc had urged 145 million users to change their passwords following a cyber attack.

Equifax said consumers could check if their information had been impacted at,

The company's shares were down 8.7 percent at US$134.16 in after-market trading on Thursday.


(Reporting by Yashaswini Swamynathan and Laharee Chatterjee in Bengaluru; Addditional reporting by Dustin Volz; Editing by Sriraj Kalluvila)

Got a news tip for our journalists? Share it with us anonymously here.

Most Read Articles

You must be a registered member of CRN to post a comment.
| Register

Log In

Username / Email:
  |  Forgot your password?