The Globe and Mail | Tami Chappell/REUTERS | Sep 19, 2017

Equifax Canada said Tuesday approximately 100,000 Canadian consumers may have had their personal information and credit card details compromised in a massive cyberattack that also affected 143 million Americans, as the U.S. parent company revealed it also had a separate data breach this year.

"We apologize to Canadian consumers who have been impacted by this incident," Lisa Nelson, president and general manager of Equifax Canada, said in a statement.

"We understand it has also been frustrating that Equifax Canada has been unable to provide clarity on who was impacted until the investigation is complete."

See:  How fintech companies are trying to make cryptocurrency investments safer

Equifax announced on Sept. 7 that it discovered a data breach in July that may have compromised the personal information of 143 million Americans and an undisclosed number of Canadian and U.K. residents.

But the company, which collects data about consumers' credit histories and provides credit checks to a variety of companies, had been tight-lipped about the impact of the cyberattack in Canada.

Canada's privacy watchdog announced last Friday that it was probing the data breach.

The Canadian division said Tuesday an investigation is ongoing and it appears that the breached data may have included names, addresses, social insurance numbers and, in limited cases, credit card numbers.

Equifax Canada has provided information to MasterCard and Visa about Canadians whose credit card details may have been compromised for communication to the financial institutions involved, which will then communicate with consumers, the company said in an update on its Canadian website.

Hackers accessed Equifax Canada's systems through a consumer website application intended for use by U.S. consumers, it said. The hackers apparently obtained access to files containing the personal information of some Canadian consumers through the interface.

"Equifax Canada can confirm that Canadian systems are not affected," it said on its website.

"We have found no evidence of unauthorized activity on Equifax's core consumer or commercial credit reporting databases. Equifax Canada systems and platforms are entirely separated from those impacted by the Equifax Inc. cybersecurity incident widely reported in the U.S."

Equifax's investigation so far shows that hackers had unauthorized access to its files from May 13 to July 30. Equifax Canada said it is working closely with its parent company and an unnamed, independent cybersecurity conducting the ongoing investigation.

The cyberattack occurred through a vulnerability in an open-source application framework that was detected and disclosed in March. The U.S. parent company revealed on Tuesday it also had a security breach earlier this year that involved a different part of the company than the one accessed in the larger hack.

Continue to the full article --> here

The National Crowdfunding Association of Canada (NCFA Canada) is a cross-Canada non-profit actively engaged with both investment and social crowdfunding, blockchain ICO, alternative finance, fintech, P2P and online investing stakeholders across the country.  NCFA Canada provides education, research, leadership, support, and networking opportunities to over 1600+ members and works closely with industry, government, academia, community and eco-system partners and affiliates to create a vibrant and innovative online financing industry in Canada.  Learn more About Us or visit ncfacanada.org.