Thursday, March 28, 2024 | Ramadan 17, 1445 H
broken clouds
weather
OMAN
23°C / 23°C
EDITOR IN CHIEF- ABDULLAH BIN SALIM AL SHUEILI

Equifax reveals hack that likely exposed data of 143m customers

1103628
1103628
minus
plus

WASHINGTON: Equifax Inc, a provider of consumer credit scores, said that personal details of as many as 143 million US consumers were accessed by hackers between mid-May and July, in what could be one of the largest data breaches in the United States.


The company’s shares fell nearly 19 per cent in after-market trading as investors reacted to possible consequences of the exposure of sensitive data of nearly half of the US population.


Atlanta-based Equifax said in a statement that it discovered the breach on July 29. It said criminals exploited a US website application vulnerability to gain access to certain files that included names, Social Security numbers and driver’s licence numbers.


In addition, credit card numbers of around 209,000 US consumers and certain dispute documents with personal identifying information of around 182,000 US consumers were accessed. Information of some UK and Canadian residents was also gained in the hack, Equifax said.


Equifax said in its statement that it was working with law enforcement agencies and has hired a cyber-security firm to investigate the breach. It said its investigation is “substantially complete,” and expects it will be completed in the coming weeks.


The company declined to comment beyond its statement.


The Federal Bureau of Investigation is tracking the situation, a spokeswoman for the agency said.


US Senator Mark Warner, vice chairman of the Senate Select Committee on Intelligence, said in a statement that it would not be an “exaggeration to suggest that a breach such as this represents a real threat to the economic security of Americans.”


Equifax’s breach follows rival Experian Plc’s breach two years ago that exposed sensitive personal data of some 15 million people who applied for service with T-Mobile US Inc (http://reut.rs/2f8ES9k)


“This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do,” Equifax Chief Executive Richard Smith said in a statement, adding that the company is conducting “a thorough review of our overall security operations.”


LIKELIHOOD FOR PHISHING SEEN HIGH: Cybersecurity experts said the breach was very serious. “On a scale of 1 to 10, this is a 10. It affects the whole credit reporting system in the United States because nobody can recover it, everyone uses the same data,” said Avivah Litan, a Gartner Inc analyst who tracks identity theft and fraud.


Equifax handles data on more than 820 million consumers and more than 91 million businesses worldwide and manages a database with employee information from more than 7,100 employers, according to its website.


Ryan Kalember, senior vice-president of cyber security firm Proofpoint, said the hack was “especially troubling” because companies typically offer free credit monitoring services from firms such as Equifax, which has now itself suffered a huge cyber attack.


“The information is very personal — the likelihood that it could be used for phishing is very high,” said Matt Tait, a former analyst at the British intelligence service GCHQ and a cyber security researcher.


Equifax said consumers could check if their information had been impacted at, www.equifaxsecurity2017.com.


Representative Maxine Waters, a member of the House of Representatives Financial Services Committee, said in a statement that she would reintroduce legislation to “enhance consumer protection tools available to minimise harm caused by identity theft.” — Reuters


SHARE ARTICLE
arrow up
home icon