ATLANTA - Equifax says approximately 143 million U.S. consumers' social security numbers and other information were stolen during a data breach.
Unauthorized access occurred from mid-May through July 2017. The company says information stolen includes social security numbers, birth dates, addresses and, in some instances, driver's license numbers.
In addition, credit card numbers for approximately 209,000 U.S. consumers, and certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers, were accessed.
Equifax claims they has found no evidence of unauthorized activity on Equifax's core consumer or commercial credit reporting databases.
In addition, the company says that unauthorized access of personal information occurred for limited UK and Canadian residents.
Equifax says they discovered the breach on July 29, and acted immediately to stop the intrusion. Equifax says the company's investigation is substantially complete, but it remains ongoing and is expected to be completed in the coming weeks.
"This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do. I apologize to consumers and our business customers for the concern and frustration this causes," said Chairman and Chief Executive Officer, Richard F. Smith. "We pride ourselves on being a leader in managing and protecting data, and we are conducting a thorough review of our overall security operations. We also are focused on consumer protection and have developed a comprehensive portfolio of services to support all U.S. consumers, regardless of whether they were impacted by this incident."
Equifax set up a website, www.equifaxsecurity2017.com, to help consumers determine if their information has been potentially impacted and to sign up for credit file monitoring and identity theft protection.
The company recommends that consumers with additional questions contact a dedicated call center at 866-447-7559.
"I've told our entire team that our goal can't be simply to fix the problem and move on. Confronting cybersecurity risks is a daily fight. While we've made significant investments in data security, we recognize we must do more. And we will," CEO Smith said.
Equifax says they will send direct mail notices to consumers whose credit card numbers or dispute documents with personal identifying information were impacted.