ATLANTA (CBSLA.com) — Social Security numbers and other data from 143 million Americans was potentially exposed in a cyber security breach earlier this year, credit monitoring company Equifax announced Thursday.
In what could end up being one of the largest breaches ever, Equifax says the incident exposed names, Social Security numbers, birth dates, addresses, and driver’s license numbers, the company announced.
More than 200,000 credit card numbers were also accessed.
The breach occurred sometime between mid-May and July when hackers “exploited a U.S. website application vulnerability to gain access to certain files”, according to a statement released by the company.
“Limited personal information” from British and Canadian residents may also have been accessed.
The company said there was no evidence of unauthorized activity on Equifax’s core consumer or commercial credit reporting databases.
Equifax CEO Richard Smith said a “thorough” security review is being conducted in the wake of the breach.
“This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do,” said Smith. “I apologize to consumers and our business customers for the concern and frustration this causes.”
CBS2/KCAL9 spoke with cyber security expert Todd Plesco, who suspects the breach may be bigger than we know because it likely happened more than two months ago but wasn’t noticed until today.
“I suspect that the exposure was pretty extensive, but they had to go through logs and make sure it wasn’t an inside job and that they patched the hole,” he said.
Equifax has set up a dedicated website to help consumers determine if their information has been potentially impacted and to sign up for credit file monitoring and identity theft protection.