A well-known consumer credit reporting agency, Equifax, released a statement Thursday saying that hackers had obtained the personal information of up to 143 million Americans. Social security numbers, birth dates, and home addresses were among the sensitive data potentially stolen. Given the volume of exposed data, and the fact that Equifax is one of the three major clearinghouses for Americans’ credit histories, this is a significant cybersecurity breach. Hackers who possess both social security numbers and birth dates hold the main requirements necessary for identity fraud.

The breach began in May and remained active until it was discovered in late July. Equifax said that the breach happened when hackers exploited a website application vulnerability. While the organization said there were no intrusions detected into its “core consumer or commercial credit reporting databases,” the personal data potentially exposed also included driver’s license numbers as well as the credit card numbers for 209,000 consumers and credit dispute documents for 182,000.

This type of information is categorized as personally identifiable information (PII) and is considered particularly sensitive. Beth Givens, executive director of the Privacy Rights Clearinghouse, said that this incident “has the potential to be a very harmful breach to those who are affected by it.”

In a statement published on their website, Equifax chief executive Richard F. Smith said “This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do. I apologize to consumers and our business customers for the concern and frustration this causes.”

Equifax said that those affected will be alerted by mail. A website, equifaxsecurity2017.com, was also created for consumers, helping them to understand the breach and check whether or not they were affected. One year of free credit monitoring and identity theft protection is being provided by Equifax to anyone affected.

In the hours following the disclosure of their data breach, Equifax shares plummeted 12 percent. Major data breaches like this one can have a significant impact on a company’s revenue, but not only that, they have a significant impact on a company’s reputation. This particular data breach is especially damaging considering Equifax is the type of firm typically sought out by other companies needing to offer free credit monitoring following their own breaches.

Cyberattacks like this are growing in numbers and escalating in profile, making it more important than ever for businesses to have a clear and detailed cybersecurity plan put in place in the event such a data breach occurs.

Utilizing a cybersecurity firm such as Crossroads, with well-disciplined and experienced cybersecurity professionals, can identify potential vulnerabilities and utlize best-practices and methodologies in the most cost-effective manner to keep your organization operating at optimal security levels, not only now but well into the future. Crossroads will monitor and maintain all aspects of your cybersecurity and compliance needs with 100% accountability based partnering opportunities.

Are you concerned about your organization's cybersecurity posture? Contact the Crossroads cybersecurity team to begin a discusson on your organization's current cybersecurity concerns.