Equifax hack "basically the Irma of data breaches," expert says

WASHINGTON -- Equifax revealed Thursday that hackers earlier this year stole personal information on as many as 143 million Americans.

The company keeps track of the credit ratings of American consumers, which means its database is a massive treasure trove of personal information including birth dates, Social Security numbers and addresses.

reid-equifax-consolidated-01-frame-667.jpg

Avivah Litan

CBS News

"This is basically the Irma of data breaches. It's a 10 on a scale of one to 10," said cybersecurity analyst Avivah Litan.

For the hackers it's like finding a gold mine.

"They can take out a mortgage, they can file tax refunds, they can file for Social Security benefits, you name it. They can take all your benefits away," Litan said.

She says consumers "need to be hyper vigilant and monitor their accounts."

Equifax CEO Rick Smith posted a statement on the company's website.

"I apologize to every affected consumer," he said. "While we've made significant investments in cyber security we have more to do, and we will."

Maybe so, but this is the third major hack of Equifax in less than two years.

"It makes you wonder did they do as much as they could have done," Litan said.

Critics also wonder why Equifax waited six weeks to announce the hack. And they want to know why three senior executives sold $1.8 million in Equifax stock soon after the hack was discovered. Equifax says the executives did not know about the breach at the time.

The perpetrators of the hack have not yet been identified but some experts say that these massive hacks are often done by international cyber-criminal organizations who then sell the information to Russia or China for millions of dollars.

  • Chip Reid

    Chip Reid is CBS News' national correspondent.