Equifax says 143 million U.S. consumers may have been affected in cyberattack

EquifaxInc. said after the close of stock markets on Thursday that itwas the victim of acybersecurity breach that may affect approximately 143 millionU.S.consumers.

The Atlanta-based consumer credit reporting agency said the perpetratorsexploited aU.S.website application vulnerability to gain access to some files. Equifax said that based on itsinvestigation, the unauthorized access occurred from mid-May through July 2017.

Information accessed in the breach primarily includes names, Social Security numbers, birth dates, addresses and somedriver's licence numbers.

Equifax also saidcredit card numbers for approximately 209,000U.S.consumers, and some dispute documents with personal identifying information for approximately 182,000U.S.consumers, were accessed.

• Karim Baratov, alleged Yahoo hacker, pleads not guilty in U.S. court
• Petya ransomware cost world's biggest container ship company up to $300M

Additionally, Equifax also found unauthorized access to limited personal information for some Canadian and U.K. residents. The number of people affected in that part of the security breach was not disclosed.

"Equifax will work withU.K. and Canadian regulators to determine appropriate next steps," the company said, adding that it has "found no evidence that personal information of consumers in any other country has been impacted. "

The company said it found the unauthorized access on July 29, and hired a cybersecurity firm that has been conducting a forensic review to determine the scope of the breach,including the specific data impacted.

Shares of Equifax fell more than six per cent to $134 US in after-hours stock trading following the announcement.