#Open journalism No news is bad news

Your contributions will help us continue to deliver the stories that are important to you

Support The Journal
Dublin: 9°C Friday 26 February 2021

Breach at US credit check company exposes 143 million people to identity theft

The breach happened in July but executives only informed the public this week.

Image: Mike Stewart/AP

A CREDIT MONITORING company in the US has said that hackers have gained access to the personal sensitive data of about 143 million people.

Equifax, which is one of three major US credit bureaus, said that “criminals” exploited a US website application to access files between mid-May and July of this year.

The theft obtained consumers’ names, birth dates, addresses and, in some cases, driver’s licence numbers. The data can be enough for criminals to hijack the identities of people whose credentials were stolen through no fault of their own.

Equifax said its core credit-reporting databases don’t appear to have been breached.

“On a scale of one to 10, this is a 10 in terms of potential identity theft,” said security analyst Avivah Litan. “Credit bureaus keep so much data about us that affects almost everything we do.”

Lenders rely on the information collected by the credit bureaus to help them decide whether to approve financing for homes, cars and credit cards. Credit checks are even sometimes done by employers when deciding whom to hire for a job.

Equifax discovered the hack on 29 July, but waited until yesterday to warn consumers.

The Atlanta-based company declined to comment on that delay or anything else beyond its published statement. It’s not unusual for US authorities to ask a company hit in a major hack to delay public notice so that investigators can pursue the perpetrators.

#Open journalism No news is bad news Support The Journal

Your contributions will help us continue to deliver the stories that are important to you

Support us now

Three Equifax executives insulated themselves from that downturn by selling shares worth a combined $1.8 million (€1.5 million) just a few days after the company discovered the breach on 29 July, according to documents filed with securities regulators.

The sales, executed on 1 and 2 August were made by John Gamble, Equifax’s chief financial officer; Rodolfo Ploder, Equifax’s president of workforce solutions; and Joseph Loughran, Equifax’s president of US. information solutions.

In a subsequent statement, Equifax said the three executives “had no knowledge that an intrusion had occurred at the time they sold their shares”.

Read: What Australia can learn from Ireland’s successful marriage equality campaign >

Read: Farmer sues receiver and ‘vulture fund’ who have threatened to sell his stock >

About the author:

Associated Press

Read next:


This is YOUR comments community. Stay civil, stay constructive, stay on topic. Please familiarise yourself with our comments policy here before taking part.
write a comment

    Leave a commentcancel