Equifax data breach likely touched millions of Canadians

It’s usually the site that helps protect those who suspect they’ve been the victim of identity theft, but Equifax says it’s now the victim of a cyber security incident, where hundreds of millions of people around the world may have been exposed.

“This is the biggest we’ve ever seen in terms of the depth of the data that was taken,” said Daniel Tobok, cyber security expert and CEO with Cytelligence. “Their security was good, but it should have been excellent. This is pretty scary for consumers.”

The large scale breach was discovered on July 29th, but only made public on Thursday. The global company said 143 million Americans along with an unspecified number of people living in Canada and the United Kingdom were affected.

Tobok estimates between 12-to14-million Canadians are going to be affected by this breach. He says it isn’t only Equifax customers who were exposed.

“Every time you do a transaction, Equifax gets to retain that copy,” he explains. “You don’t even have a choice.”

Questions regarding the actions of top Equifax executives are also being raised. Tobok says it’s “extremely suspicious” that three top executives sold shares following the breach.

“The three executives who sold a small percentage of their Equifax shares on Tuesday, Aug. 1, and Wednesday, Aug. 2, had no knowledge that an intrusion had occurred at the time they sold their shares,” an Equifax spokesperon tells CityNews in an statement.

The company says it acted immediately on the breach, which occurred between mid-May through July. Amongst the information hackers accessed were social security numbers, birthdays, names, drivers licenses and in some cases credit card numbers.

There’s still no word on who’s behind the hack, whether it’s politically motivated by a state sponsor or organized crime interested in financial gain.

“It probably took them anywhere between eight to nine months to actually get into Equifax and be able to consolidate that information,” Tobok said.

Tobok’s Equifax Breach Tips

• – Monitor your Equifax credit score
• – Freeze your credit reports
• – If your S.I.N was stolen, it’s important to file a report with police.
• – Inform your bank of any suspicious activity: They’ll put special filters to alert them on any suspicious activities.

The Office of the Privacy Commissioner of Canada didn’t even know about the breach, saying it only heard about it through media reports.

“We have reached out (to Equifax) yesterday to gather more information on the breach and have requested a full report, including details on how Canadians were affected,” a spokesperson said.

The agency, whose mission is to protect and promote privacy rights of Canadians has already received complaints related to the breach.

In a tweet posted yesterday, New York State Attorney Eric Schneiderman, said he would be launching a formal investigation into the breach.

“As a government, we need to keep this organization liable and accountable for their actions,” Tobok said.

Saturday afternoon, Equiafax said it found no evidence personal information of consumers had been impacted, but Tobok says the threat is still there.

“Even some government ministries don’t have the type of private and sensitive information that Equifax holds on every citizen or record they have,” he said. “I think the chances are pretty slim of finding out who’s actually behind it.”

Equifax created this website to keep consumers updated on the cyber security incident.