Update: Equifax announced on October 2 that an additional 2.5 million US consumers may have been impacted by the massive data breach that was first disclosed on September 7.
The company in charge of the forensic analysis of the hack has revised the number, Equifax said (opens in new tab), bringing the total of potentially impacted consumers to 145.5 million.
Equifax has maintained the web page where you can check whether your personal information may have been stolen in the hack (opens in new tab).
The firm is offering free credit monitoring through TrustedID Premier, and most experts suggest implementing a credit freeze (opens in new tab) at all three of the major credit reporting companies (Equifax, Experian and TransUnion) if you believe your information was compromised.
Original article below...
Credit reporting firm Equifax revealed today (opens in new tab) that hackers gained unauthorized access to personal information of up to 143 million US consumers – more than a third of the country's population.
According to Equifax, the breach occurred around mid-May through July of this year, exploiting a website application vulnerability.
While primarily a US-based cyber attack, Equifax also said "limited personal information" was accessed pertaining to some UK residents, with more details to come regarding users affected outside the US.
The company says it became aware of the breach on July 29, and acted to stop the leak and conduct a forensic review for law enforcement.
Among the data stolen was customers' names, Social Security numbers, birth dates, addresses and some driver's license numbers.
Equifax says approximately 209,000 US users also had their credit card information comprised, and about 182,000 had dispute documents accessed. Equifax is mailing notices to those users.
How to find out if your information was stolen
Though a hugely worrying breach, Equifax claims it has found "no evidence of unauthorized activity" on the company's core consumer or credit reporting databases. Still, the information stolen is highly sensitive.
Equifax has set up a dedicated webpage (opens in new tab) to help customers establish whether their data has been compromised, and if so what steps they can take to protect their identity.
Once on the page, you need to click the 'Potential Impact' button. You're asked to enter your last name and the last six digits of your social security number; we were admittedly wary of giving this information considering the hack.
While Equifax says it will send a message indicating whether your personal information may have been compromised, one TechRadar staffer received a message but another didn't.
Whether or not your information was stolen, Equifax is offering consumers free enrollment in its TrustedID Premier program.
It appears that there's a waiting list for this credit file monitoring and identity theft protection program; we were given an enrollment date of September 13 and told to return to this site (opens in new tab) then. No additional alert will be sent reminding you to enroll, and enrollment will end on November 21.
You can also call an information line at 866-447-7559.
In the wake of the breach, it's important to be wary of suspicious emails, especially those claimed to be from Equifax or other official sources. Don't click on links or download material from emails that seem suspicious, as phishing attempts often run rampant after breaches like this.
It's also a good idea to change your passwords, and keep an eye on your credit card and bank accounts. You can also monitor your credit with the two other large US credit reporting companies, Experian and TransUnion.
- Intel Kaby Lake could help you get the most out of your PC