ATLANTA -- The personal information of potentially 143 million Americans may have been accessed by criminals in a cybersecurity incident involving Equifax, one of the three major credit reporting agencies.
Equifax has set up a tool to see if your personal information may have been accessed.
Editor's note: Many users are currently reporting the tool is not working for them. While some users are getting a "no" message, many users are only seeing a date for "TrustedID Premier." If you do not receive a "yes" or a "no," you're encouraged to try again at a later time.
After filling out some personal information on the form, you will get a message indicating whether your personal information may have been impacted by the incident.
Regardless of whether your information may have been impacted, Equifax is providing you the option to enroll in “TrustedID Premier” identity theft protection and credit file monitoring service.
Equifax said 143 million consumers could be impacted. According to census.gov, the US population is just over 325 million.
The company discovered the breach on July 29 and unauthorized access started in mid-May.
In addition to the breach, credit card numbers for approximately 209,000 consumers "and certain dispute documents, which included personal identifying information, for approximately 182,000 consumers" were accessed during the incident.
"We identified a cybersecurity incident potentially impacting approximately 143 million U.S. consumers," Equifax said in a statement. "Criminals exploited a U.S. website application vulnerability to gain access to certain files. We discovered the unauthorized access and acted immediately to stop the intrusion."
The company has engaged with a separate cybersecurity firm to conduct a forensic review of the intrusion and law enforcement officials are currently investigating.
According to Equifax, investigators have found no evidence of "unauthorized activity on Equifax’s core consumer or commercial credit reporting databases."
Equifax also identified unauthorized access to limited personal information for certain UK and Canadian residents, according to the statement.