Equifax 2017 Data Breach
| Company | Equifax |
|---|---|
| Breach Date | May 13, 2017 |
| Disclosure Date | September 7, 2017 |
| Records Affected | 147 million |
The 2017 Equifax data breach was one of the most significant cybersecurity incidents in history, exposing the sensitive personal information of 147 million Americans—nearly half the US population.
What Happened
Hackers exploited a vulnerability in Apache Struts, a popular web application framework, that Equifax failed to patch despite a fix being available for months. The attackers had access to Equifax systems from May to July 2017, stealing massive amounts of data before the breach was discovered.
Equifax waited over a month after discovering the breach to notify the public, during which time several executives sold company stock. The company faced significant criticism for its handling of the incident.
What Data Was Exposed
- Social Security Numbers - 145.5 million SSNs exposed
- Birth dates
- Addresses - Current and historical
- Driver's license numbers - 17.6 million
- Credit card numbers - 209,000 accounts
- Dispute documents - 182,000 with personal information
Who Is Affected
Approximately 147 million Americans who had credit files with Equifax, plus additional victims in the UK and Canada.
How to Check If You Were Affected
Visit the official Equifax Breach Settlement website to check if your information was exposed and claim settlement benefits.What You Should Do Now
- Check if you were affected at the official Equifax settlement site
- Freeze your credit at all three bureaus
- File for settlement benefits - free credit monitoring or cash payment
- Monitor your credit reports regularly
- Consider an IRS Identity Protection PIN
Last updated: January 13, 2026