Advertisement

Equifax data breach: Tips for Canadians whose info may have been hacked

Click to play video: 'Massive cyber-attack at Equifax could leave millions vulnerable'
Massive cyber-attack at Equifax could leave millions vulnerable
ABOVE: Equifax says hackers may have stolen personal information -- including social security and credit card numbers -- from as many as 143 million customers – Sep 8, 2017

Credit reporting giant Equifax has yet to reveal how many Canadians had their personal information hacked over the spring and summer when the company’s database was breached.

Equifax discovered the hack July 29 but waited until Thursday to warn consumers that criminals exploited a U.S. website application to access files between mid-May and July of this year.

The breach exposed the information of an “unknown” number of people living in Canada and the United Kingdom.

Hackers were able to get consumers’ names, social insurance numbers, birth dates, addresses, credit card information and, in some cases, driver’s license numbers. This information is enough for the thieves to hijack the identities of people whose credentials were stolen.

Story continues below advertisement

“There are 26 million people who have credit scores in Canada,” financial literacy and credit score expert, Chantal Chapman said. “With the information that was taken, a person could fill out a  mortgage application or buy a cellphone. It’s pretty scary.”

WATCH: Debit, credit slowly becoming Canadians favourite compared to cash

Click to play video: 'Debit, credit slowly becoming Canadians favourite compared to cash'
Debit, credit slowly becoming Canadians favourite compared to cash

Have you been hacked?

Equifax established a website where people can check to see if their personal information may have been stolen. Consumers can also call 1-866-447-7559 for more information.

READ MORE: What to do when thieves get your cards and PIN

Equifax said it will send direct mail notices to consumers whose credit card numbers or dispute documents with personal identifying information were impacted.

Story continues below advertisement

What to do if your information has been hacked

If you do find your personal information may have been impacted, there are a few steps you can take to protect yourself from identity theft.

Get the day's top news, political, economic, and current affairs headlines, delivered to your inbox once a day.

Get daily National news

Get the day's top news, political, economic, and current affairs headlines, delivered to your inbox once a day.
By providing your email address, you have read and agree to Global News' Terms and Conditions and Privacy Policy.

Monitor your Equifax credit score. You should watch your credit score as soon as possible and keep an eye on it to make sure nothing suspicious is happening, Chapman said. There are a number of free credit monitoring services out there, like Mogo. If you monitor your score monthly and then see your credit rating drop, it’s an indication something has happened, she added.

Watch your credit inquiry. “Anytime someone checks credit it’s a hit on your credit score,” Chapman said. There can be a soft hit (when you check your own credit) and then there’s a hard hit (applying for a credit card). You can order a credit inquiry through Equifax.

Freeze your credit reports. You can freeze your Equifax account, consumer advocate and chairman of security firm CyberScout, told Marketwatch. This restricts access to your credit report, which helps prevent other credit card companies from accessing it to open up new accounts.

If your SIN was stolen, file a police report. A social insurance number is the Holy Grail of identity theft, according to finance magazine, Kiplinger. You should file an identity theft police report and send a copy of it to Equifax.

Check your bank and credit card statements. Keep a close eye on your credit statements for suspicious activity over the past several months. Report any suspicious charges and cancel your compromised card for a new one.

Alert bank and strengthen your password. Let your bank, or any other company overseeing another financial account, know about the breach. You should also change your password with a two-factor authentication (password and confirmation via phone number).

WATCH: Warnings about card skimming

How many Canadians?

The breach exposed the information of an “unknown” number of people living in Canada. The company has not yet released how many Canadians are affected but said nearly 143 million Americans had their data breached.

Story continues below advertisement

“Equifax will work with U.K. and Canadian regulators to determine appropriate next steps,” the credit monitoring company said in a statement.

Why did Equifax wait to tell the public?

Equifax waited six weeks to disclose that sensitive information was hacked in a data breach.

“Equifax discovered the unauthorized access on July 29 of this year and acted immediately to stop the intrusion,” Equifax said in a statement. “The company promptly engaged a leading independent cybersecurity firm that has been conducting a comprehensive forensic review to determine the scope of the intrusion, including the specific data impacted.

LISTEN: Author of “Techno Creep” on how Canadians can protect their personal information online

Story continues below advertisement

“Equifax also reported the criminal access to law enforcement and continues to work with authorities. While the company’s investigation is substantially complete, it remains ongoing and is expected to be completed in the coming weeks.”

The Atlanta-based company declined to comment on that delay or anything else beyond its published statement.

WATCH: Hacker steals data on 500 million Yahoo accounts

Click to play video: 'Hacker steals data on 500 million Yahoo accounts'
Hacker steals data on 500 million Yahoo accounts

Three Equifax executives sold shares worth a combined $1.8 million just a few days after the company discovered it had been hacked, according to documents filed with securities regulators. In a subsequent statement, Equifax said the three executives “had no knowledge that an intrusion had occurred at the time they sold their shares.”

 

Equifax handles data on more than 820 million consumers and more than 91 million businesses worldwide and manages a database with employee information from more than 7,100 employers, according to its website.

Story continues below advertisement

*With files from the Associated Press

Sponsored content

AdChoices