What happened
Credit monitoring company Equifax (EFX 0.25%) announced a massive data breach on Thursday evening that exposed the personal information of 143 million U.S. consumers. Among the information stolen were consumers' names, Social Security numbers, birth dates, addresses, and some driver's license numbers.
For some consumers, the news is even worse. The data breach also included about 209,000 U.S. consumers' credit card numbers, as well as credit dispute documents containing personal information from about 182,000 U.S. consumers. For these consumers, not only are they at risk of criminals opening fraudulent accounts under their names, but their existing credit accounts could potentially be used for illicit transactions.
Image source: Getty Images.
The breach took place between mid-May and July 2017, and was detected by Equifax on July 29, at which point the company says it took immediate action to correct the problem.
So what
It shouldn't come as a surprise that this is a serious problem for Equifax. Unlike with other high-profile data breaches, such as those that occurred at Target and Home Depot in recent years, Equifax's business revolves around helping consumers monitor and secure their credit. It could take some time (and expense) before Equifax is able to regain the trust of consumers after this incident.
In an effort to protect affected consumers, Equifax is offering one year of free credit monitoring services to all U.S. consumers, even if they were not affected.
Now what
Equifax maintains credit reports on over 200 million consumers, so the data breach affects the majority of these. This is one of the largest-scale data breaches in U.S. history, and it remains to be seen how much it will cost the company to do damage control and how much business it could lose over the issue.
