Equifax Cyberattack to Affect 143 Million Customers

Equifax Cyberattack to Affect 143 Million Customers

The Atlanta-based company announced the hack on Thursday, and said that intruders were able to access customers' Social Security numbers, addresses, names, birthdays, driver’s license numbers and more.

Equifax, one of the top three leaders in consumer credit report agencies, has been hit with one of the biggest cyberattacks in recent years, potentially compromising sensitive information such as Social Security numbers and home addresses for 143 million Americans.

The Atlanta-based company announced the hack on Thursday, and said that intruders were also able to access names, birthdays and driver’s license numbers. Credit card numbers for 209,000 consumers were also stolen, while documents with personal information used in disputes for 182,000 people were taken as well.

The company said that it discovered the intrusion on July 29, when they learned cyber criminals had gained access to certain files in their system from mid-May to July by exploiting a “vulnerability” in website software, according to an investigation by Equifax and security consultants. No evidence of unauthorized activity on its main consumer or commercial credit reporting databases has been found since the hack’s discovery.

“This breach is totally inexcusable,” Mike Schultz, CEO of Cybernance, said. “This wasn’t a technical assault – this was a simple access by hackers through web application that was not properly secured.”

According to their website, Equifax handles data on more than 820 million consumers and more than 91 million businesses worldwide, and manages a database with employee information from more than 7,100 employers.

This is the most high-profile cybersecurity breach since online portal Yahoo reported two separate incidents last year, disclosing breaches that affected at least 1.5 billion users. Equifax isn’t a stranger to cyber security issues either, identity thieves successfully made off with critical W-2 tax and salary data from their website last year. And earlier this year, thieves stole more W-2 tax data from an Equifax subsidiary, TALX, which provides online payroll, tax and human resources services to some of the country’s largest corporations.

“This critical breakdown of internal defenses is no different than every major breach of significance in the past two years,” Schultz said, “but the sensitive information accessed points to extreme danger for the personal wealth and financial health of our economy.”

Equifax said Thursday that it will offer free credit monitoring services to all U.S. consumers for one year and has created a website, www.equifaxsecurity2017.com, to help consumers determine whether their data was at risk.

In addition to reporting the security breach to law enforcement, Equifax hired a cybersecurity firm to conduct a review to determine the scale of the invasion; the investigation is expected to wrap up in the next few weeks.

“This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do,” Richard F. Smith, chairman and chief executive of Equifax, said in a statement. “Confronting cybersecurity risks is a daily fight.”

About the Author

Nicole Crites is an Associate Content Editor at 1105 Media reporting on breaking news, new products and upgrades within the security, safety, health and facilities industries.

Featured

  • Survey: 54% of Organizations Cite Technical Debt as Top Hurdle to Identity System Modernization

    Modernizing identity systems is proving difficult for organizations due to two key challenges: decades of accumulated Identity and Access Management (IAM) technical debt and the complexity of managing access across multiple identity providers (IDPs). These findings come from the new Strata Identity-commissioned report, State of Multi-Cloud Identity: Insights and Trends for 2025. The report, based on survey data from the Cloud Security Alliance (CSA), highlights trends and challenges in securing cloud environments. The CSA is the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment. Read Now

  • Study: Nearly Half of Companies Exclude Cybersecurity Teams When Developing, Onboarding and Implementing AI Solutions

    Only 35 percent of cybersecurity professionals or teams are involved in the development of policy governing the use of AI technology in their enterprise, and nearly half (45 percent) report no involvement in the development, onboarding, or implementation of AI solutions, according to the recently released 2024 State of Cybersecurity survey report from ISACA, a global professional association advancing trust in technology. Read Now

  • New Report Series Highlights E-Commerce Threats, Fraud Against Retailers

    Trustwave, a cybersecurity and managed security services provider, recently released a series of reports detailing the threats facing the retail sector, marking the second year of its ongoing research into these critical security issues. Read Now

  • Stay Secure in 2024: Updated Cybersecurity Tips for the Office and at Home

    Cyber criminals get more inventive every year. Cybersecurity threats continue to evolve and are a moving target for business owners in 2024. Companies large and small need to employ cybersecurity best practices throughout their organization. That includes security integrators, manufacturers, and end users. Read Now

Featured Cybersecurity

Webinars

New Products

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols. 3

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions. 3

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings. 3