Equifax said it was working with law enforcement agencies to investigate and had hired a cyber-security firm to analyze what happened. The FBI is also believed to be monitoring the situation.
The company said it would work with regulators in the US, UK and Canada on next steps. It is also offering free credit monitoring and identity theft protection for a year.
Equifax said it had set up a website – www.equifaxsecurity2017.com – through which consumers can check if their data has been caught up in the breach. Many people trying to visit the site reported via social media that they had problems reaching it and that security software flagged it as potentially dangerous.
The breach is one of the largest ever reported in the US and, said experts, could have a significant impact on any Americans affected by it.
Equifax holds data on more than 820 million consumers as well as information on 91 million businesses.
Kmart discount chain, the latest victim of hacker attacks on retailers, said it detected a security breach last week and is investigating the incident with law enforcement officials.
Cash registers at 1,200 Kmart stores were infected with malware that scooped up payment card numbers for over a month, reports the retailer.
In a statement, Kmart said the security breach was discovered on October 9 and that the malware had been operating since early September.
An initial investigation suggests the cyber-thieves stole credit and debit card numbers.
So far, it is not clear how many cards and customers have been affected.
In its statement, Kmart said no personal information, pin codes, email addresses or social security numbers were taken with the card numbers.
Kmart has become the latest victim of hacker attacks on retailers
The malware has now been removed and the breach contained, Kmart said, but it was continuing its investigation to gauge its full impact.
It added that there was no evidence that any of the card numbers stolen were being used to create counterfeit cards and land victims with bills for items they did not buy.
Despite this, Kmart said it would be offering free credit monitoring protection for customers to ensure any fraudulent use of their cards did not affect their credit score.
The US Secret Service, which leads investigations into financial fraud, is known to be investigating the case.
“I sincerely apologize for any inconvenience this may cause our members and customers,” said Alasdair James, president of Kmart, in the statement.
News about the Kmart breach comes soon after the Dairy Queen restaurant chain revealed that some of its outlets across 46 states were hit by hackers. Malware was used to steal names, card numbers and expiration dates of payment cards at 395 restaurants.
Many large US stores have been hit by attackers that target till systems in recent months. The largest attack was against Target in which thieves stole details of 40 million payment cards.
Shawn Henry, a former FBI officer, who is now head of security firm CrowdStrike Services, said retailers needed to do a better job of detecting breaches quickly before large numbers of payment data was stolen.
The computer networks of retailers were so large that attackers were more than likely to find a way in, he told Reuters.
Privacy & Cookies Policy
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.