Consumer notifications will provide clarification on the specific information impacted
Equifax Canada has now concluded its investigation of the cybersecurity incident suffered by Equifax Inc. and announced September 7, 2017, including the process to identify the individual consumers potentially impacted by the event.
Notification letters are now in the process of being mailed to impacted Canadian consumers. As has been previously communicated, these letters will include an offer for complimentary credit monitoring and identity theft protection services. Consumers are reminded that Equifax Canada will only contact them by mail, and will not make any unsolicited telephone calls, or send any unsolicited emails asking for their personal information.
Consumer notification letters will also provide detail on the types of data that was potentially impacted for each consumer. Potentially impacted information may include names, addresses, gender, and Social Insurance Numbers, as well as usernames, passwords, and secret question/secret answers, which Equifax believes are several years old and were login credentials for use of its direct-to-consumer website.
Equifax Canada continues to work closely with the Office of the Privacy Commissioner of Canada (OPC) and other regulators.