The credit reporting agency, Equifax, has launched an investigation into a data breach event potentially impacting 143 million U.S. consumers.
On July 29, 2017, Equifax discovered that criminals exploited a U.S. website application vulnerability to gain access to certain files. Upon discovery, we acted immediately to stop the intrusion. The company promptly engaged a leading, independent cybersecurity firm which has been conducting a comprehensive forensic review to determine the scope of the intrusion, including the specific data impacted. Equifax also reported the criminal access to law enforcement and continues to work with authorities. Based on the company’s investigation, the unauthorized access occurred from mid-May through July 2017.
How to protect your identity?
In light of this situation, please use the following tips to educate yourself on how to better protect your identity:
- If you were impacted by the breach you will receive a data breach notification from Equifax. Read the notice carefully to learn what information may have been exposed and how. (Keep the notice in case you ever need to prove that your data was compromised through no fault of your own.)
- Review the breached account. Identify what information it contained and what was compromised. Look for any unauthorized activity, such as a change in address or telephone number.
- If you have access to CyberScout monitoring, we recommend you activate it as soon as possible.
- Pay extra attention to your account and billing statements. Check for charges that aren’t yours.
- Change all user access credentials. If you use the same passwords for other financial institutions, change them. Watch financial statements—on paper and online—for unauthorized transactions. Be aware of potential email, phone and snail-mail scams. Enable text and email alerts when possible.
As Equifax uncovers and releases more information, the best course of action for impacted individuals is to follow the preventive and remedial steps they are providing at https://www.equifaxsecurity2017.com/potential-impact/.