The social security numbers of roughly 143 million Americans — nearly half the country’s population — were exposed after a breach at credit report agency Equifax, the company said Thursday.
The numbers, along with tons of other “personal identifying information” were hacked after “criminals” accessed files between May and July, according to the Atlanta-based firm.
Social Security numbers, birthdays, addresses and driver’s license numbers were taken, as well as the credit card numbers of 209,000 U.S. customers, in the high-tech heist.
Equifax is one of the largest credit monitoring agencies in the country — tracking and rating the financial history of consumers.
It follows data tied to loans, loan payments and credit cards.
The company also collects information on everything from missed rent and utilities bills, child support payments, credit limits, addresses and employment history.
“On a scale of one to 10, this is a 10 in terms of potential identity theft,” said Gartner security analyst Avivah Litan. “Credit bureaus keep so much data about us that affects almost everything we do.”
Lenders rely on the information collected by Equifax to help them decide whether to approve financing for homes, cars and credit cards.
Credit checks are even sometimes done by companies when deciding whether or not to hire potential employees.
Equifax discovered the hack July 29, but waited until Thursday to warn consumers.
The company declined to comment on the delay.
It’s not unusual for U.S. authorities to ask a company hit in a major hack to hold off on alerting consumers so that investigators can hunt down the hackers.
“This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do. I apologize to consumers and our business customers for the concern and frustration this causes,” CEO Richard Smith said in a statement.
Equifax also denied that a trio of top executives who sold stock just days after the massive security breach were aware of the hack at the time.
Three higher-ups at the company, including chief financial officer John Gamble, sold shares worth a combined $1.8 million in the days after the discovery, Bloomberg News reported Thursday evening.
Equifax told the outlet that the executives “had no knowledge that an intrusion had occurred at the time.”
The Equifax hack is one of the largest ever reported, though does not rival the 1 billion account breach Yahoo disclosed last year.
The theft could be the largest of its kind involving Social Security numbers, one of the most common methods used to confirm a person’s identity.
It far surpasses the 2015 breach of health insurer Anthem that affected roughly 80 million people.
The attack is particularly damaging for Equifax given the company’s position as one of the top three companies of its kind.
“This really undermines their credibility,” Litan said.
Those worried about their data should visit the website www.equifaxsecurity2017.com to see if they are impacted.
The company said those whose personal information or credit card information were breached will be contacted by mail.
With News Wire Services.