Cyberattack on Equifax threatens 143m US consumers
Criminals exploited a US website application vulnerability
Information specialist Equifax has revealed a cybersecurity incident potentially impacting approximately 143 million US consumers.
It says criminals exploited a US website application vulnerability to gain access to certain files. Based on the company’s investigation, the unauthorised access occurred from mid-May through July 2017.
The company has found “no evidence of unauthorised activity on Equifax’s core consumer or commercial credit reporting databases”.
The information accessed primarily includes names, Social Security numbers, birth dates, addresses and, in some instances, driver’s licence numbers.
In addition, credit card numbers for approximately 209,000 US consumers, and certain dispute documents with personal identifying information for approximately 182,000 US consumers, were accessed.
It also identified unauthorised access to limited personal information for certain UK and Canadian residents. It found no evidence that other countries have been impacted. Its investigation is ongoing and is expected to be completed in the coming weeks.
Equifax chairman and CEO, Richard F. Smith, says: “I’ve told our entire team that our goal can’t be simply to fix the problem and move on. Confronting cybersecurity risks is a daily fight.”
The firm has established a dedicated website, www.equifaxsecurity2017.com, to help consumers determine if their information has been potentially impacted and to sign up for credit file monitoring and identity theft protection.
It has also engaged an independent cybersecurity firm to conduct an assessment and provide recommendations.
Last month, Equifax joined forces with FIS to create OnlyID, a digital authentication solution that enables consumers to make secure transactions across multiple online accounts without passwords.
Banking Technology Awards 2017 are still open for entry!
Know any innovative products, inspirational projects, skilled teams or visionary leaders that deserve a special recognition this year? Nominate them for a Banking Technology Award!
Deadline for submitting the nominations has been extended to 8 September 2017.
