Equifax website hack exposes data for ~143 million US consumers

by
Dan Goodin
from Ars Technica - All content on (#31GHY)
caution-800x534.jpg

Enlarge (credit: Michael Theis)

Equifax, a provider of consumer credit reports, said it experienced a data breach affecting as many as 143 million US people after criminals exploited a vulnerability on its website. The US population is about 324 million people, so that's about 44 percent of its population.

The data exposed in the hack includes names, Social Security numbers, birth dates, addresses, and, in some cases, driver license numbers. The hackers also accessed credit card numbers for 209,000 US consumers and dispute documents with personal identifying information for about 182,000 US people. Limited personal information for an unknown number of Canadian and UK residents was also exposed. Equifax-which also provides credit monitoring services for people whose personal information is exposed-said the unauthorized access occurred from mid-May through July. Equifax officials discovered the hack on July 29.

"Criminals exploited a US website application vulnerability to gain access to certain files," Equifax said in a statement late Thursday, without elaborating. That leaves open a wide range of possibilities, with injection bugs, faulty authentication mechanisms, and cross-site scripting vulnerabilities topping the list of the most widely exploited website flaws.

Read 3 remaining paragraphs | Comments

index?i=SiMTM7R2SQc:pg-neZGPSWM:V_sGLiPB index?i=SiMTM7R2SQc:pg-neZGPSWM:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments