Credit referencing firm Equifax has reported a cyber-breach that compromised the personal information of approximately 143 million US consumers – almost half of the country. The company said a US website application’s vulnerability was exploited to gain access to certain files between the months of May and July of this year. Equifax came to know of this on July 29.

The cyber criminals have access to names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers.  Additionally, credit card numbers for approximately 209,000 U.S. consumers, and personal identifying information for approximately 182,000 U.S. consumers involved in credit report disputes, were accessed. Equifax reports that residents of UK and Canada were also impacted.

Equifax chairman and CEO, Richard Smith, says: “This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do. I apologise to consumers and our business customers for the concern and frustration this causes.” He also said, “I’ve told our entire team that our goal can’t be simply to fix the problem and move on. Confronting cybersecurity risks is a daily fight. While we’ve made significant investments in data security, we recognize we must do more. And we will.”

The firm has established a dedicated website, www.equifaxsecurity2017.com, to help consumers determine if their information has been potentially impacted and to sign up for credit file monitoring and identity theft protection. The consumers can check to see if they’ve potentially been impacted by submitting their name and the last six digits of their social security number.