Hushfolk
Back to breach centre

Equifax breach guide

Equifax data breach: what happened and what to do next

You do not need drama. You need signal. Here is the fast reality: what was reported, what may be exposed, and the practical moves worth doing right now.

Status: Confirmed

Last updated: 22 May 2026

Run free scan from this breach contextView sources
Equifax breach summary image

Summary box

Incident date
01 May 2017
Reported date
01 Sept 2017
Sources verified
2

Company

Equifax

Status

Confirmed

Data potentially exposed

Names, Addresses, Dates of birth, National ID numbers

Affected scope

One of the largest credit-reporting breaches, with widespread personal data exposure.

1. What happened?

Equifax disclosed a major breach involving highly sensitive identity data used in credit and fraud workflows.

  • Attackers exploited a known vulnerability in web infrastructure.
  • Sensitive identity records were accessed at scale.
  • The breach triggered long-term fraud and credit risk concerns.

2. Who may be affected?

  • Consumers with credit-file and identity records in affected systems.
  • People with long-lived identifiers tied to financial products.
  • Individuals receiving post-breach fraud attempts.

3. What should users do now?

  • Monitor credit activity and suspicious financial alerts.
  • Harden email and banking account security with MFA.
  • Use unique credentials for finance-related services.
  • Watch for identity-theft signals over the long term.

4. How exposure can spread beyond one incident

Identity-grade data exposure can support durable fraud attempts years after initial disclosure.

5. How Hushfolk helps

Hushfolk helps users prioritise identity-hygiene actions when sensitive records may be in circulation.

Check known breach and exposure signals

Terms in this article

New to security jargon? These quick definitions keep the page readable.

Need the full list? Open the security glossary.