Equifax, Inc. (NYSE: EFX) has disclosed that between mid-May and July 2017, they became aware of unauthorized access to their computer network. The company has said that they have engaged with a leading cybersecurity firm and that they have, so far, “found no evidence of unauthorized activity on Equifax’s core consumer or commercial credit reporting databases.”
According to Equifax’s statement, “The information accessed [by the attackers] primarily includes names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. In addition, credit card numbers for approximately 209,000 U.S. consumers, and certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers, were accessed.” The company discovered the unauthorized access on July 29, 2017 and acted immediately to stop it.
Equifax is currently offering free credit monitoring services to any consumer who’s information was affected by the breach. Consumers can go to www.equifaxsecurity2017.com, to check if they have been affected by the breach, as well as to sign up for their free year of credit monitoring services. This monitoring service looks at all three major credit reporting companies: Equifax, TransUnion, and Experian.
Equifax has also reported that they will send direct mail notices to consumers to those who’s credit card numbers or dispute documents with personal identifying information (also called PII) was disclosed. Equifax’s Chairman and CEO, Richard F. Smith, said “This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do. I apologize to consumers and our business customers for the concern and frustration this causes. I’ve told our entire team that our goal can’t be simply to fix the problem and move on. Confronting cybersecurity risks is a daily fight. While we’ve made significant investments in data security, we recognize we must do more. And we will.”