Data leaks have become so commonplace that it’s incredibly easy to become numb to them, but credit reporting service Equifax announced a doozy today that when all is said and done could involve 143 million consumers. This is bad.
It was a treasure trove of information for the bad guys out there and included Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. As though that weren’t bad enough, 209,000 people had their credit card info leak and the breach also included dispute documents with personally identifying information from 182,000 consumers.
The information came mostly from US residents, but a percentage also involved UK and Canadian citizens and the company is working with authorities from these countries.
Equifax reports that it discovered the leak on July 29th and took steps to stop the intrusion. It then hired a cybersecurity firm to determine the extent of the intrusion and what damage was done. The company reports that it has involved law enforcement, but it’s not clear at this point how the intruders entered the system or exactly what they took.
The company has set up a website, www.equifaxsecurity2017.com, for people to check if their data was leaked and to what extent. As is often the case after leaks like this, the company is offering a free credit file monitoring and identity theft protection, which you may want to take advantage of if your information was involved.
This is not the worst breach of all time by a long shot in terms of pure numbers. That distinction goes to Yahoo, now part of Oath (which was acquired by our parent company, Verizon). They had a leak involving more than a billion users.
But this leak is particularly worrisome because Equifax is a credit reporting service and tracks a history of your consumer life, credit cards, credit scores and more — and it gives the black market a potential gold mine of information about people’s financial lives.