Hack on Equifax could affect millions in U.S., Canada
Equifax Inc., one of the three biggest credit-reporting companies, was struck by a cyberattack that left almost half the U.S. population at risk, placing it among the most intrusive security breaches in history. The stock fell the most in almost two decades.
Hackers exploited a website application to access names, addresses, Social Security numbers and some driver’s licence numbers of potentially 143 million consumers, Equifax said Thursday in a statement.
Some U.K. and Canadian residents were also affected in the incident reported Thursday. Equifax said it’s working with regulators in both countries. It uncovered the breach on July 29. Its investigation is expected to be done in coming weeks, Equifax said.
“This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do. I apologize to consumers and our business customers for the concern and frustration this causes,” CEO Richard Smith said.
Equifax shares fell 18 per cent, the most since December 1998, to $117.25. TransUnion fell 4.4 per cent, the biggest drop on an intraday basis since November.
A proposed class action lawsuit was filed against Equifax late Thursday evening, shortly after the company reported the unprecedented hack.
The incident is a stark reminder of the risk of consumers’ personal data being exposed online, security experts said. It’s particularly worrisome for the millions of people who trust credit-reporting agencies like Equifax to handle and protect their financial information. That kind of data is critical and could be used in multiple ways to harm consumers.
“This is massive,” said Paul Martini, chief executive officer of Iboss, a cybersecurity firm. “This overshadows any other breach that we’ve seen to date — not just the volume, the size, but the type of data that was in that database.”
The company set up a website, www.equifaxsecurity2017.com, that consumers can use to determine whether their information was compromised. It’s also offering free credit-file monitoring and identity-theft protection.
The Federal Bureau of Investigation said in a statement that it was aware of the hacking incident and was “tracking the situation as appropriate.” Bloomberg