SALT LAKE CITY— Utah officials said Friday they are uncertain how many people in the state were affected by Thursday's announcement of the Equifax hacks..
The Equifax credit reporting agency revealed that personal information of as many as 143 million consumers may have been compromised. Hackers may have gained access to Social Security numbers, birth dates, addresses and legal names — information that hackers could then use to commit identity fraud.
Additionally, hackers may have accessed some 209,000 credit card numbers and the personal information contained in sensitive documents belonging to 182,000 people in the U.S.
The news of the cybersecurity breach inspired financial and political backlash with Equifax losing almost $2.3 billion in market value and seeing calls from Congress that Equifax withdraws its requirement that those who sign up for its credit monitoring waive the right to sue the company.
"The 143 million is big, but the reason why it's probably more important than the Yahoo attack is because of the type of information that the credit bureaus have," said Sgt. Jeff Plank of Utah's State Bureau of Investigations.
Utah Department of Public Safety Commissioner Keith Squires joined Plank Friday to describe the extent of the hack, as they understand it, and to describe Utah's own method for defending against such attacks.
Plank said the "Utah model" for cybersecurity partners the Utah Department of Technology Services with the Statewide Information Analysis Center and the State Bureau of Investigation, as well as the FBI Cyber Task Force to share information and coordinate investigations of cyber attacks.
"One victim might be in Pennsylvania and another victim might be in Los Angeles," Plank said. "It makes it a lot easier to go after that subject if we know there's more victims and the dollar amount is more."
Squires said the recent hack highlights vulnerabilities people face with cybercrimes and the need for people to take their own steps to reduce personal risks.
"A lot of people have not reported cybercrimes in the past," Squires said.
He encouraged individuals who believe they have had their information breached to report the incidents to the Utah Department of Public Safety or go directly the the FBI Internet Crimes Complaint Center.
Phil Bates, the information security officer for the Department of Technology Services, said that in addition to basic steps like always having varied and complex passwords, people should act under the assumption that they have been affected each time there is a major cybersecurity attack.
"I just assume that it has probably been compromised somewhere and I just kind of play the preventive game," Bates said.
He also said people being proactive should change their passwords whenever an attack does happen. He also recommends credit score monitoring and said people should set up a notification service with their bank to alert them anytime a transaction is made through their accounts.
Contributing: Associated Press