Credit reporting agency Equifax has been breached.
The company today revealed a "cybersecurity incident potentially impacting approximately 143 million U.S. consumers." Credit card numbers for about 209,000 U.S. consumers, and certain dispute documents with personal identifying information for 182,000 U.S. consumers were accessed.
Hackers also got their hands on names, Social Security numbers, birth dates, addresses and some driver's license numbers. At this point, there is "no evidence of unauthorized activity on Equifax's core consumer or commercial credit reporting databases," the company said.
Limited personal information for certain U.K. and Canadian residents was also involved in the breach, though Equifax "found no evidence that personal information of consumers in any other country has been impacted."
Criminals "exploited a U.S. website application vulnerability to gain access to certain files" between mid-May and July 29, when Equifax uncovered the breach.
"This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do. I apologize to consumers and our business customers for the concern and frustration this causes," Chairman and CEO Richard F. Smith said in a statement. "We pride ourselves on being a leader in managing and protecting data, and we are conducting a thorough review of our overall security operations. We also are focused on consumer protection and have developed a comprehensive portfolio of services to support all U.S. consumers, regardless of whether they were impacted by this incident."
If you're worried about your data, visit equifaxsecurity2017.com, where you can enter your last name and the last six digits of your Social Security number to see if you were impacted. Equifax is also offering free credit file monitoring and identity theft protection.
For more, check out PCMag's roundup of the Best Password Managers.