Equifax says website vulnerability exposed 143 million US consumers
Equifax, one of the largest credit bureaus in the U.S., said on Thursday that an application vulnerability on one of their websites led to a data breach that exposed about 143 million consumers. The breach was discovered on July 29, but the company says that it likely started in mid-May.
“Criminals exploited a U.S. website application vulnerability to gain access to certain files. Based on the company’s investigation, the unauthorized access occurred from mid-May through July 2017. The company has found no evidence of unauthorized activity on Equifax’s core consumer or commercial credit reporting databases,” the company said in a statement.
The statement goes on to say that those responsible for the data breach accessed records containing Social Security Numbers, birth dates, addresses, and in some cases driver’s license numbers.