in

If you regularly use Equifax, the well-known Atlanta, Georgia-based consumer credit reporting agency, you should be aware that the company recently experienced a cyber security incident that could impact up to 143 million consumers (some of which are in Canada).

The company has said, however, that there's been no evidence of unauthorized access to core consumer or commercial credit reporting. Equifax also said it's offering free identity theft protection and credit file monitoring to U.S. consumers.

In a statement, Equifax said that perpetrators exploited a U.S. website application vulnerability to gain access to certain files. Internal investigation has revealed that the unauthorized access occurred from mid-May through July 2017.

The information accessed primarily includes names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. In addition, credit card numbers for approximately 209,000 U.S. consumers, and certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers, were accessed.

Equifax also identified unauthorized access to limited personal information for certain UK and Canadian residents and is working with UK and Canadian regulators to determine appropriate next steps.

Equifax says it discovered the unauthorized access on July 29 and immediately engaged a leading, independent cybersecurity firm that has been conducting a comprehensive forensic review to determine the scope of the intrusion, including the specific data impacted. The breach has also been reported to police.

“This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do. I apologize to consumers and our business customers for the concern and frustration this causes,” said Richard F. Smith, chairman and CEO. “We pride ourselves on being a leader in managing and protecting data, and we are conducting a thorough review of our overall security operations. We also are focused on consumer protection and have developed a comprehensive portfolio of services to support all U.S. consumers, regardless of whether they were impacted by this incident.”

Equifax has established www.equifaxsecurity2017.com, to help consumers determine if their information has been potentially impacted and to sign up for credit file monitoring and identity theft protection.

In addition to the website, Equifax will send direct mail notices to consumers whose credit card numbers or dispute documents with personal identifying information were impacted.