The Equifax cybersecurity breach that was announced Thursday and may have affected 143 million U.S. consumers' personal information is sparking outrage in the financial services community.
House Financial Services Committee Chairman Jeb Hensarling announced Friday that he would hold a hearing, and Attorney General Eric T. Schneiderman of New York said he was launching a formal investigation.
Financial reform groups are also warning that the massive breach underscores the need to curb mandatory arbitration and oversee credit bureaus.
"Criminals exploited a U.S. website application vulnerability to gain access to certain files, Equifax said in a statement. "Based on the company's investigation, the unauthorized access occurred from mid-May through July 2017. The company has found no evidence of unauthorized activity on Equifax's core consumer or commercial credit reporting databases."
The information accessed primarily includes names, Social Security numbers, birth dates, addresses and, in some instances, driver's license numbers.
In addition, Equifax said credit card numbers for approximately 209,000 U.S. consumers, and certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers, were accessed.
Equifax tweeted early Friday:
We recently discovered a cybersecurity incident involving consumer information. Once discovered, we acted immediately to stop the intrusion.
— Equifax Inc. (@Equifax) September 7, 2017
(2/2) We apologize to our consumers and business customers for the concern and frustration this causes. Learn more: https://t.co/ivVHFb2xA4.
— Equifax Inc. (@Equifax) September 7, 2017