>> Investors, lawyers, and consumers all taking aim at Equifax Friday after the credit score provider disclosed a massive data breach that could leave millions at risk. Equifax saying hackers had access to the company system from mid-May to July, potentially leaving 143 million US consumers vulnerable. Reuters Cybersecurity Reporter, Dustin Voltz.
>> The Equifax breach is alarming for a lot of reasons. This is a credit monitoring service that collects data from hundreds of millions of consumers, sometimes without their knowledge or consent, and puts it in one place, Social Security numbers, birth dates, names, addresses. So having that amount of information in one place, and now exposed, is highly concerning to cybersecurity researchers, and could have downstream effects for cybersecurity broadly on the Internet going forward.
>> News of the hack sent its stock tumbling, dropping around 13% on Friday. Already two proposed class action lawsuits were filed, one in Portland, and another in Atlanta, alleging Equifax had been negligent in protecting consumer data. New York, Illinois, and Connecticut, Attorney's General said Friday, they were opening separate state investigations.
On Friday, Congress also getting involved. The US House Financial Services Committee saying it will hold a hearing on the hacks.>> Equifax is also being criticized roundly by lawmakers, regulators, and customers for its response. One of the things they did was set up a separate domain, equifaxsecurity2017.com, and that was criticized by cybersecurity experts who said, really they should have used their existing domain to set up a page, so consumers knew that it wasn't a fraudulent page that they were going to, to seek help.
>> Equifax says it discovered the data breach on July 29, and hired a cybersecurity firm to investigate, and adds, there was no evidence of a breach into its core consumer or commercial credit reporting databases.