Consumer credit reporting agency Equifax has been hit by a cyber-breach, and looking at how much data was potentially stolen – this one is monumental.
The company issued a statement this Thursday confirming the hack. It said that cyber-criminals entered its network somewhere in May, and resided there until discovered in late July.
Roughly 143 million of US consumers were affected, together with an unknown number of people in the UK and Canada.
Equifax's core consumer or commercial credit reporting databases were untouched, the company said, but names, Social Security numbers, birth dates, addresses and, in some instances, driver's license numbers, were. Also, credit card numbers for approximately 209,000 U.S. consumers, and certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers, were accessed as well.
The company was quick to apologise and offered a remedy: it is offering every US citizen a year's worth of free identity theft monitoring for all those that apply. It has also set up a dedicated call centre and a website to handle information requests from customers.
"This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do. I apologize to consumers and our business customers for the concern and frustration this causes," said Chairman and Chief Executive Officer, Richard F. Smith.
The media dubbed this event as one of the most brutal cyber-attacks in human history. Ars Technica calls it “very possibly the worst leak of personal history ever”, while The Register basically said everyone, everywhere, ever, got affected (yes, they’re exaggerating a bit but they do make a point).
Market Watch says the company’s shares “plunged” after news of the breach broke out, while Greensboro went as far to say that three executives sold their stock days before the breach was revealed. Apparently, they were clueless to what was about to happen.
Image source: Shutterstock/Ai825