Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Equifax Breach Affects 100,000 Canadians

Equifax revealed on Tuesday that the recent data breach affects roughly 100,000 Canadian consumers, but the company’s systems in Canada were not compromised.

Equifax revealed on Tuesday that the recent data breach affects roughly 100,000 Canadian consumers, but the company’s systems in Canada were not compromised.

Equifax Canada said the company’s investigation is still ongoing, but it believes the incident affects approximately 100,000 Canadians. Similar to the United States, the exposed information includes names, addresses, social insurance numbers, and, in some cases, credit card numbers.

“Equifax Canada can confirm that Canadian systems are not affected. We have found no evidence of unauthorized activity on Equifax’s core consumer or commercial credit reporting databases. Equifax Canada systems and platforms are entirely separated from those impacted by the Equifax Inc. cybersecurity incident widely reported in the U.S.,” the company said.

Impacted individuals will be notified via mail and they will be offered credit monitoring and identity theft protection services for one year at no charge.

Equifax said it notified MasterCard and Visa about the payment cards compromised in the breach. The company has also informed the Privacy Commissioner of Canada (OPC), the Commissioners in Alberta, British Columbia, and Quebec, and consumer reporting registrars in Ontario, Alberta and Saskatchewan.

While the number of individuals affected by the breach in Canada has only now come to light, some Canadian consumers launched a class action lawsuit within a week of disclosure. The initiators of the suit are seeking damages of $550 billion CAD ($450 billion US).

Advertisement. Scroll to continue reading.

Equifax said cybercriminals had access to its U.S. systems between mid-May and late July after leveraging an Apache Struts 2 vulnerability that had been exploited in the wild since March.

The company said the breach affects roughly 143 million U.S. consumers and 400,000 customers in the United Kingdom. In the case of the U.K., the credit reporting agency revealed that the data was stored on U.S. systems between 2011 and 2016 due to a “process failure.” No such explanation has been provided by Equifax Canada.

Equifax stock has dropped from roughly $140 to just over $90 following the breach and experts believe it could plunge as low as $50. The incident has already cost the company nearly $10 billion in market value.

The company’s Chief Security Officer and Chief Information Officer retired after the hack came to light.

In the United States, the Federal Trade Commission (FTC), congressional committees, and the Attorneys General in 40 states have announced the launch of investigations into the Equifax breach.

Related: Industry Reactions to Equifax Hack

Related: Equifax Cybersecurity Failings Revealed Following Breach

Related: Scammers Offer to Sell Data Stolen in Equifax Hack

Written By

Eduard Kovacs (@EduardKovacs) is senior managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

People on the Move

BlueVoyant has appointed Ravi Subramanian as CFO and Jamie Coleman as CCO.

Solana Foundation has appointed Michael Coates as Chief Information Security Officer.

Michael Sikorski has joined Coinbase as Chief Information Security Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.