Sat, Sep 09, 2017 - Page 7 News List

Equifax hack leaves millions exposed

REPUTATION:The cyberbreach undermines the credibility of the credit monitoring company, whose business is built around providing financial profiles firms can trust


Credit monitoring company Equifax has been hit by a high-tech heist that exposed the social security numbers and other sensitive information of about 143 million Americans. Now, the unwitting victims have to worry about the threat of having their identities stolen.

The Atlanta, Georgia-based company, one of three major US credit bureaus, on Thursday said that “criminals” exploited a US Web site application to access files between mid-May and July.

The thieves obtained consumers’ names, social security numbers, birth dates, addresses and, in some cases, driver’s license numbers.

The purloined data can be enough for crooks to hijack the identities of people whose credentials were stolen through no fault of their own, potentially wreaking havoc on their lives.

Equifax said its core credit reporting databases do not appear to have been breached.

“On a scale of one to 10, this is a 10 in terms of potential identity theft,” Gartner security analyst Avivah Litan said. “Credit bureaus keep so much data about us that affects almost everything we do.”

Lenders rely on the information collected by the credit bureaus to help them decide whether to approve financing for homes, cars and credit cards. Credit checks are even sometimes done by employers when deciding who to hire for a job.

Equifax discovered the hack on July 29, but waited until Thursday to warn consumers.

The company declined to comment on that delay or anything else beyond its published statement.

It is not unusual for US authorities to ask a company hit in a major hack to delay public notice so that investigators can pursue the perpetrators.

The firm established a Web site,, where people can check to see if their personal information might have been stolen.

Rival Experian is offering free credit monitoring to all US consumers for a year.

“This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do,” Equifax CEO Richard Smith said in a statement.

“I apologize to consumers and our business customers for the concern and frustration this causes,” he added.

This is not the biggest data breach in history. That indignity still belongs to Yahoo, which was targeted in at least two separate digital burglaries that affected more than 1 billion of its users’ accounts throughout the world.

However, no social security numbers or driver’s license information were disclosed in the Yahoo break-in.

Equifax’s security lapse could be the largest theft involving social security numbers, one of the most common methods used to confirm a person’s identity in the US. It eclipses a 2015 hack at health insurer Anthem that involved the social security numbers of about 80 million people .

Any data breach threatens to tarnish a company’s reputation, but it is especially mortifying for Equifax, whose entire business revolves around providing a clear financial profile of consumers that lenders and other businesses can trust.

“This really undermines their credibility,” Litan said.

It could also undermine the integrity of the information stockpiled by two other major credit bureaus, Experian and TransUnion, since they hold virtually all the data that Equifax does, Litan added.

Equifax’s stock dropped 13 percent to US$124.10 in extended trading after its announcement of the breach.

This story has been viewed 1460 times.

Comments will be moderated. Remarks containing abusive and obscene language, personal attacks of any kind or promotion will be removed and the user banned.

TOP top