SAN FRANCISCO (CBS SF) – Credit reporting firm Equifax announced Thursday that 143 million consumers in the United States could be impacted by a cybersecurity breach.
According to a company statement, criminals “exploited a U.S. website application vulnerability to gain access to certain files” starting in mid-May until the company discovered the breach on July 29th.
Information accessed by hackers includes names, Social Security numbers, birth dates, addresses and driver’s license numbers. Around 209,000 credit card numbers were also obtained, along with personal identifying information in about 182,000 dispute documents.
“This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do. I apologize to consumers and our business customers for the concern and frustration this causes,” Equifax Chairman and CEO Richard Smith said in a statement.
Equifax plans to mail notices to consumers who have had their credit card numbers or dispute documents impacted by the breach. The company is also working with federal and state authorities.
Consumers who may have been impacted by the breach are asked to visit https://www.equifaxsecurity2017.com/ to apply for one year of free credit monitoring and identity theft protection.
It was not clear why Equifax waited more than a month to disclose the security breach.
Meanwhile, Bloomberg reported Thursday that three Equifax senior executives sold almost $2 million worth of stock in the company three days after the security breach.
Shares of Equifax plummeted Thursday in after-hours trading.