Credit monitoring company Equifax Security has suffered a massive hack, with the company losing the personal details of an estimated 143 million Americans, the company announced Thursday.
One of the US’s three major credit reporting agencies, Equifax said the hackers first gained access to its systems in mid-May and remained in the networks through July. The hackers accessed names, Social Security numbers, birthdays, and addresses. They also pilfered the credit card numbers of about 209,000 people and documents about credit disputes for about 182,000.
An unspecified number of people also had their driver’s license numbers exposed.
The company operates in 24 countries and has data on approximately 820 million people around the world, according to its website.
It wasn't clear how the hackers could have accessed Social Security numbers in bulk unless that information was stored in an unencrypted format. Equifax declined to respond to BuzzFeed News' request for clarification.
In a somber statement posted to YouTube, Equifax CEO Rick Smith offered apologies, saying “I deeply regret this incident” and “today is a humbling experience for all of us. Equifax will not be defined by this incident.”
The breach is ironic, considering that many customers come to Equifax after being victimized from other services. Companies whose customer databases are hacked often give a free year of credit monitoring, one of the major services Equifax provides, as consolation. Victims of the massive 2014 hack of the federal government’s Office of Personnel Management, for instance, were given Equifax services to help monitor potential identity theft.
All Equifax customers will receive free identity theft and credit monitoring, Smith said.
Kevin Collier is a cybersecurity correspondent for BuzzFeed News and is based in New York.
Contact Kevin Collier at firstname.lastname@example.org.
Got a confidential tip? Submit it here.