This July 21, 2012, photo shows Equifax Inc., offices in Atlanta. Credit monitoring company Equifax says a breach exposed social security numbers and other data from about 143 million Americans. The Atlanta-based company said Thursday, Sept. 7, 2017, that "criminals" exploited a U.S. website application to access files between mid-May and July of this year. (AP Photo/Mike Stewart)
Equifax, which supplies credit information and other information services, said Thursday that a data breach could have potentially affected 143 million consumers in the United States.

The population of the U.S. was about 324 million in 2017, according to Census Bureau estimates, which means the Equifax incident affects a huge portion of the country.

Equifax said it discovered the breach on July 29. “Criminals exploited a U.S. website application vulnerability to gain access to certain files,” the company said.

 SEC filings show that three Equifax executives – Chief Financial Officer John Gamble Jr., workforce solutions president Rodolfo Ploder and U.S. information solutions president Joseph Loughran – sold nearly $2 million in shares in the company days after the cyberattack was discovered. It was unclear whether their share sales had anything to do with the breach.

Equifax said in a statement that the three executives sold a “small percentage” of their shares on Tuesday, August 1, and Wednesday, August 2, adding they “had no knowledge that an intrusion had occurred at the time they sold their shares.”

The SEC declined to comment on the share sales.

Shares of Equifax fell more than 12 percent in after-hours trading.

The company said the exposed data include names, birth dates, Social Security numbers, addresses and some driver’s license numbers, all of which Equifax aims to protect for its customers.

Equifax added that 209,000 U.S. credit card numbers were obtained, in addition to “certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers.”

“This is a security risk for any and every website that anyone uses,” Christopher O’Rourke, founder and CEO of cybersecurity firm Soteria, told CNBC.

“Most often, security questions to access those websites use that data, like a previous address, so this becomes an open-source intelligence nightmare, worse in many ways than the Office of Personnel Management government breach. It’s nasty. If I can get my hands on that information I can call a bank. They’re going to ask me for your Social, address, the information that was leaked here, to get access.”

Equifax Chairman and CEO Richard Smith apologized to consumers and customers and noted that he’s aware the breach affects what the company is supposed to protect.

Equifax said it is now alerting customers whose information was included in the breach via mail, and is working with state and federal authorities. Its private investigation into the breach is complete. NBC News, citing law enforcement sources, reported that the FBI was actively investigating the incident and that the company has been cooperating with the bureau.

  • Content writtten by: Todd Haselton on Septmeber 7, 2017
  • Orginally published at: https://www.cnbc.com/2017/09/07/credit-reporting-firm-equifax-says-cybersecurity-incident-could-potentially-affect-143-million-us-consumers.html
  • Photo credit: KCRA.com

Ready to protect your data? What You Can Do:

  • Immediately, install a FREE 30-day Trial of EZProtect Antivirus and connect it to your Salesforce org(s) to start scanning files, document uploads, or chatter for viruses or malicious content. Once this is complete, you will have a sense of how many files your organization scans per month and you will be well poised to convert to a paid plan.
  • You may also download the full brochure with FAQs and schedule a demo to better understand how the tool works inside and outside of Salesforce by visiting www.adaptus.com/portfolio/ezprotect/.

Schedule-demo-button_cropped


EZAssign Version 1.31 Pre-Release for Customers Attending Dreamforce this week? Look for EZAssign and EZProtect in the Developer Lounges!