Skip to main content


Equifax Data Breach: What You Should Know

The recent data breach at Equifax has resulted in a number of questions from concerned individuals around the country, including the MSU Denver community. To help clarify the scope and importance of this data breach, the ITS Information Security team has prepared the following quick reference: 

  • Who was affected by this breach?  143 million Americans.
  • What was exposed?  143 million Social Security numbers. Hundreds of thousands of credit card numbers and other information was also exposed.
  • Where did this breach occur?  Equifax, one of the three primary credit reporting agencies in the United States, was targeted by hackers. Preliminary investigations indicate that the attackers exploited vulnerabilities in the Equifax website to gain access to the data. 
  • When did this occur?  The breach was discovered on July 29, and announced to the public on September 7th, 2017.  Unauthorized access to consumer data likely occurred between May and July 2017.
  • Why is this such a big story?  The type of data that was exposed is incredibly sensitive, and is likely to be used for fraudulent activities. Unfortunately, prevailing opinion that Equifax’s response has been slow, unprofessional, and incomplete is compounding concern rather than mitigating it. 

While there have been numerous breaches where millions of email addresses and passwords have been exposed, passwords can be changed with very little effort. Driver’s licenses and credit cards can be reissued, but at no small effort or cost.  Social Security numbers are very rarely changed, and at a great deal of effort.  Other sensitive information that was exposed cannot be changed. 

Many people are asking what they should do in response to this incident.  The website has good recommendations at

More details about this event are available online, including the following:

Edit this page