CLOSE

Nearly half of all Americans are affected by a cyber security breach at Equifax, one of the nation’s three major credit-reporting agencies. Here’s how to avoid being a victim.
USA TODAY

Two key U.S. senators Monday sought detailed information from Equifax about the cyberbreach that potentially compromised the personal information of 143 million U.S. consumers.

Sen. Orrin Hatch, R-Utah, who chairs the Senate Committee on Finance, and Sen.Ron Wyden, D-Oregon, the panel’s ranking minority member, asked the credit-reporting giant for a timeline of the breach, along with details of Equifax’s efforts to quantify the scope of the intrusion and limit consumer harm.

They also asked whether records related to the IRS, the Social Security Administration and the Centers for Medicare & Medicaid Services were compromised, and questioned Equifax about its cybersecurity protections and testing procedures.

“If the names, Social Security numbers, birth dates, and other information of 143 million Americans are now in the hands of cybercriminals, this breach will cause irreparable harm to programs within this Committee’s jurisdiction by way of stolen identity refund fraud, healthcare fraud, and entitlement fraud,” Hatch and Wyden wrote in a copy of the letter that was obtained by USA TODAY.

Stating that the information would be used to shape how the Senate committee “might respond to mitigate the damage,” the letter requested an electronic response from Equifax by Sept. 28.

Equifax, one of the nation’s three-largest credit-reporting companies, did not immediately respond to a message seeking comment on the letter.

Equifax publicly disclosed the breach on Thursday, weeks after what the company said was its July 29 discovery of the intrusion and hiring of an independent cybersecurity firm to conduct an assessment and help strengthen electronic safeguards against any new attack. 

As yet unidentified criminal hackers carried out the cyberattack from mid-May through July 2017, Equifax said. The breach primarily involved consumers’ names, Social Security numbers, birth dates, addresses, and in some cases, driver’s license numbers, the company said last week.

The information sought from Equifax by the senators included:

  • A “detailed timeline of the breach,” from its…