Equifax Inc, a provider of consumer credit scores, on Thursday said that the personal details of 14.3 crore United States consumers were accessed by hackers between mid-May and July, in one of the largest data breaches in the United States, Reuters reported.

The Atlanta-based firm said it discovered the breach on July 29. It said criminals exploited a US website application vulnerability to gain access to certain files that included names, social security numbers and driver’s licence numbers.

Credit card numbers of 2,09,000 US consumers were also accessed, along with information of some residents of the United Kingdom and Canada, Equifax said.

The company said it was working with law enforcement agencies to investigate the breach. Their representatives declined to comment beyond the statement, but said consumers could check if their information had been accessed, at www.equifaxsecurity2017.com. “This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do,” Equifax Chief Executive Richard Smith said.

The Federal Bureau of Investigation is tracking the situation, a spokesperson for the agency told Reuters.

‘A real threat’

Equifax handles data on more than 82 crore consumers and 9.1 crore businesses worldwide.

According to a New York Times report, Equifax, one of the three major consumer credit reporting agencies, was a tempting target for identity thieves.

US Senator Mark Warner, also vice chairman of the Senate Select Committee on Intelligence, said it would not be an “exaggeration to suggest a breach such as this represents a real threat to the economic security of Americans.”

The Equifax breach follows rival Experian Plc’s breach two years ago that exposed the personal data of around 1.5 crore people who had applied for service with wireless network operator T-Mobile US.

Top executives sold stock after hack was discovered

Three senior Equifax executives – Chief Financial Officer John Gamble, President of U.S. Information Solutions Joseph Loughran, and Rodolfo Ploder, president of workforce solutions – sold stock valued at around $1.8 million (nearly Rs 11.50 crore) after the company discovered the data breach, Bloomberg reported. The company’s shares also fell 13% on Thursday, after the data breach was announced.