Skip to main content

The Globe and Mail

The latest: What you need to know after the Equifax security breach

What happened: On Sept. 7, Equifax announced a cybersecurity breach that it says affected about 143 million American consumers, as well as an undisclosed number of people in Canada and the U.K. Equifax said criminals "exploited a U.S. website application vulnerability" to gain access to certain files. It said it learned of the incident on July 29 and that an investigation showed the files were accessed from mid-May through July, 2017. For a full timeline, click here.

The Canadian angle: On Sept. 19, Equifax Canada said about 100,000 Canadian consumers were affected, but added the information may change as the investigation continues. It said the information that may have been breached includes names, addresses, social insurance numbers and, in limited cases, credit card numbers. It said the criminals accessed Equifax's systems through a consumer website application meant to be used by U.S. consumers. Canadians affected by the breach will receive notices by mail outlining the steps they should take. Canadians affected will also receive 12 months of free credit monitoring and identity theft protection.

For Canadians whose credit card details have been compromised in this incident, Equifax says it has reached out to MasterCard and Visa, which will then communicate with the financial institution behind those accounts. From there, the financial institutions will get in touch with their customers, Equifax said on its website. "You will still be notified by us independently by mail and have the opportunity to enroll in our complimentary credit monitoring and identity theft protection service," the company stated. It said people not contacted but who still have questions can reach them at 1-866-828-5961 or by e-mail at EquifaxCanadaInquiry@equifax.com or visit the company's website: https://www.consumer.equifax.ca

Story continues below advertisement

What Canadians should do next: Regardless of whether you've been affected by the Equifax breach, Canadians are advised to be more vigilant about their personal data. Sadly, security breaches are increasingly common. Canadians may wish to set up a fraud alert on their credit reports, which is a flag to anyone requesting your credit file that you suspect you may be a fraud victim. When someone tries to open a credit account in your name, or make changes to an existing account, the creditor needs to take additional steps to verify the request. Some consumers may also wish to set up a more advanced credit monitoring service for a monthly fee of $19.95. (Reminder: those affected by the Equifax breach will get this service for free for a year).

Consumers can also receive free credit reports, upon request, by contacting Equifax or TransUnion. In addition, consumers can be extra vigilant by setting up e-mail or text alerts through their bank that tells them when there's activity in their accounts, such as credit card purchases or debit transactions. Most banks offer this service through their online banking platform.

All Canadians should regularly monitor their bank and credit card statements for unauthorized transactions, and contact their financial institution immediately if they see anything fishy. Consumers may also want to regularly check services such as https://haveibeenpwned.com/, which shows consumers if their e-mail or username has been affected by past breaches. Experts recommend changing passwords regularly for e-mail and other accounts that hold personal information.

Rob Carrick outlines the steps Canadian should take to deal with the Equifax security breach which exposed the personal information of tens of thousands of people
Report an error Editorial code of conduct
Tickers mentioned in this story
Unchecking box will stop auto data updates
We have temporarily removed commenting from our articles. We expect to have our new commenting system, powered by Talk from the Coral Project, running on our site by the end of April, 2018. If you are looking to give feedback on our new site, please send it along to feedback@globeandmail.com. If you want to write a letter to the editor, please forward to letters@globeandmail.com.