By William Moore, Executive Editor
On Thursday, September 7th, Equifax Incorporated, one of the three largest American credit reporting agencies, announced that it had been the victim of a cyber-attack, which potentially leaked the personal information of as many as 143 million consumers in the united states.
In a statement, executives of the company said that hackers were able to exploit weaknesses in their website to gain access to a large number of customers’ files, which included information such as names, social security numbers, dates of birth, home addresses, and in some cases even driver’s license numbers. Furthermore, the credit card information of approximately 209,000 US customers and dispute documents with personally identifying information of another 182,000 customers were accessed according to the press release.
As reported by the Atlanta Business Chronicle, Equifax revealed that it had conducted an investigation, which found that the unauthorized access occurred in the period ranging from mid-May through July of 2017. Equifax uncovered the hack on July 29th, and stated that it acted immediately to engage “a leading, independent cybersecurity firm that has been conducting a comprehensive forensic review to determine the scope of the intrusion, including the specific data impacted.” In addition, Equifax has been in contact with law enforcement in an attempt to bring those responsible to justice.
In a portion of the company’s official press release, Equifax chairmen and CEO, Richard Smith, stated, “This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do. I apologize to consumers and our business customers for the concern and frustration this causes … We Pride ourselves on being a leader in managing and protecting data, and we are conducting a thorough review of our overall security operations.” As a part of the process to correct the damage caused by the security breach, Equifax has also set up a website, equifaxsecurity2017.com, to give customers progress updates and allow them to check if their information was compromised as part of the breach.
Despite these efforts, many consumers are deeply displeased by what they consider to be negligence on the part of Equifax. As reported on in Bloomberg, a class action lawsuit has already been filed in Portland, Oregon’s federal court, seeking damages of as much as $70 billion nationally. Many consumers are particularly annoyed with the way Equifax chose to handle news of the release; despite discovering the vulnerabilities in its system in late July, the company chose not to publicly announce the fact that it had been compromised until over a month later.
Additionally, consumers have expressed anger over the fact that three senior Equifax executives sold roughly $1.8 million of Equifax stock in the days following discovery of the hack, though company representatives claim that the executives had no knowledge of the hack at the time of the sale.
According to the lawsuit, “In an attempt to increase profits, Equifax negligently failed to maintain adequate technological safeguards to protect [plaintiffs] Ms. McHill and Mr. Reinhard’s information from unauthorized access by hackers,”
If you have been a user of Equifax in the past several years, it is strongly advised that you stay alert for suspicious activity in your credit accounts and check if your data has be compromised via equifaxsecurity2017.com.
A version of this article appeared in the Tuesday, September 12th print edition.
Contact William at