What Are Equifax Security Risks?

Equifax exposed the personal information of roughly 147 million people in the 2017 breach.

Key data types included:

• Social Security numbers and dates of birth
• Driver's license numbers and state‑issued ID numbers
• Credit card numbers, expiration dates and security codes
• Dispute‑resolution documents that contained tax identification numbers, medical records and utility bills
• Full names, mailing addresses and email addresses

These details were confirmed by the Federal Trade Commission breach summary.

Hackers broke into Equifax by exploiting an unpatched Apache Struts flaw (CVE‑2017‑5638), which let them execute code on a public web application and upload a web shell. There is no credible evidence they used a default admin password to gain entry.

Once the shell was in place, the attackers moved laterally, accessed the back‑end databases that stored Social Security numbers, dates of birth and driver's license numbers for roughly 147 million US consumers (May‑July 2017), and exfiltrated the data. This foothold set the stage for the broader security failures discussed next.

The Equifax 2017 breach occurred because several core security controls failed simultaneously, allowing attackers to move from an unpatched web server straight into the data warehouse.

• Unpatched Apache Struts vulnerability (CVE‑2017‑5638) left the public‑facing portal exploitable despite a March 2017 patch being available.
• Patch management process was broken; critical updates were not applied across the enterprise environment.
• Network segmentation was inadequate, so once the web server was compromised the attackers accessed internal databases without additional barriers.
• Sensitive data at rest, including SSNs and DOBs, were stored unencrypted or with weak encryption, giving the intruders usable information.
• Authentication mechanisms relied on static, weak passwords and lacked multi‑factor authentication for privileged accounts.
• Logging and monitoring were insufficient; anomalous traffic went unnoticed for weeks.
• Change‑control procedures did not require independent review of code or configuration changes, allowing the vulnerable component to remain in production.
• Third‑party vendor oversight was lax, so external tools with insecure defaults were not vetted before deployment.

Yes, your identity can be compromised because the Equifax 2017 breach exposed Social Security numbers, dates of birth, driver's license numbers and addresses for roughly 147 million primarily U.S. consumers between May and July 2017, and those elements enable criminals to open credit accounts, file fraudulent tax returns or create counterfeit IDs, so the threat is real and ongoing; the earlier section detailed exactly which data were leaked, and the following section will show how to verify whether your records appear in the public dumps.

Mitigate risk by monitoring credit, placing fraud alerts and disputing any unauthorized activity, and see the FTC guide to breach risk for practical steps.

You can verify whether your personal data appears in the Equifax 2017 breach by using the free online lookup tools that Equifax and the FTC provide.

1. Visit the Equifax breach lookup tool, enter your full name, Social Security number, or date of birth, and click 'Search.' The site instantly tells you if your SSN, DOB, driver's license, or other exposed fields match the compromised list of 147 million consumers from May‑July 2017.
2. If the Equifax portal shows no match, cross‑check with the FTC identity theft portal. Enter the same identifiers; the FTC database aggregates data from multiple breach‑related sources, catching cases Equifax may have missed.
3. Review any 'yes' results for the specific data types listed in the breach - SSN, DOB, driver's license, or credit‑card numbers. Note the date the exposure was recorded; this helps prioritize the next steps discussed in '5 urgent steps to limit damage.'
4. Download the PDF report the site generates, store it securely, and forward it to your credit‑monitoring provider if you have one. Having documented proof speeds up dispute resolution, a point we'll expand on in 'Spot early signs of identity theft.'
5. Set up an alert on your credit file immediately. Most major bureaus offer free alerts for new inquiries or accounts; this proactive measure mitigates potential misuse of the exposed data.

Act now to cut the fallout from the Equifax 2017 breach, which exposed SSNs, dates of birth, and driver's licenses of 147 million primarily U.S. consumers between May and July 2017.

• Freeze or lock your credit files with Experian, TransUnion, and Equifax; a freeze blocks new accounts instantly.
• Enroll in free credit‑monitoring alerts that flag inquiries or changes to your reports.
• Change passwords on every online service that used personal data, and enable multi‑factor authentication everywhere possible.
• Scrutinize bank, credit‑card, and medical statements for unfamiliar charges; dispute anything suspicious immediately.
• File a fraud alert with the FTC and consider a reputable identity‑theft protection service for extended coverage.

Now that you've fortified your accounts, keep an eye out for the early warning signs of identity theft.

• Unexpected credit checks, new accounts, or loans you didn't request are immediate red flags.
• Credit card or loan applications that are suddenly denied often signal fraudulent activity on your file.
• Bills, collection letters, or tax forms for debts you never owed indicate misuse of your exposed SSN, DOB, or driver's license.
• Missing or delayed mail - especially replacement IDs or W‑2s - can mean thieves intercepted your information.
• Alerts from credit‑monitoring services (e.g., an FTC guide to spotting identity theft) about suspicious changes should trigger immediate action.

Equifax 2017 breach victims can file a class‑action lawsuit, pursue an individual claim, or submit a complaint to the Federal Trade Commission. The FTC's online portal (file a consumer privacy complaint) routes reports to the agency and to state attorneys general, who may open separate actions.

If you prefer a private settlement, you may negotiate directly with Equifax under the terms of the 2019 settlement, which offers free credit monitoring and up to $125 million in restitution for eligible claimants.

To act, gather your breach‑related documents, then file a claim before the statute of limitations - typically two years for fraud and five years for negligence in most states. If the settlement's $10 million consumer-fund is exhausted, you can still sue for damages in state court, though many courts require arbitration first.

Keep the credit freeze and monitoring steps from the previous section active while you pursue legal redress; they protect you while the case proceeds. Next, we'll explore whether Equifax data may appear on the dark web and how that affects ongoing risk.

Yes, data from the Equifax 2017 breach appears for sale on dark‑web markets.

Researchers have repeatedly documented listings that bundle the exposed data types - social security numbers, dates of birth, driver's license numbers, home addresses, and, in some cases, credit‑card information - into raw CSV files or 'full‑dump' packages. These offers show up on forums such as Hydra, Dream Market, and other underground marketplaces, often priced per 1,000 records.

Typical listings include:

• SSNs paired with DOBs and addresses,
• driver's license numbers alongside full names,
• partial credit‑card numbers (last four digits) when available,
• 'complete' consumer profiles for resale to scammers.

Because the breach affected roughly 147 million primarily U.S. consumers between May and July 2017, the sheer volume makes the data attractive to criminals seeking identity‑theft material. If your information appears in these dumps, you'll see it when you follow the 'check if your information appears in Equifax leaks' step later in this guide.

a href='https://www.secureworks.com/blog/equifax-data-dark-web' >SecureWorks analysis of Equifax dark‑web listings

If you live outside the United States, you were likely not among the 147 million primarily U.S. consumers whose Social Security numbers, dates of birth and driver's‑license data were exposed in the Equifax 2017 breach. Most foreign residents have credit files with local bureaus, so their personal information stays outside the compromised U.S. database.

Nevertheless, Equifax operated subsidiaries in Canada, the United Kingdom and other regions, and some non‑U.S. customers had U.S.‑linked credit histories that the breach pulled. Those records may contain the same identifiers - SSNs, passport numbers, financial accounts - and could be sold on the dark web. Check your national credit report, enroll in local fraud‑alert services, and monitor any account that references Equifax data, as detailed in the Equifax breach settlement details.