Equifax lost control of their database of highly detailed quietly collected and private consumer Credit data for 143 Million US consumers -- 44% of US population.
Information accessed included names, social security numbers, birth dates, addresses, and in some instances driver's license numbers.
Equifax is believed to have first become aware of the incident on July 29, while the breach is believed to have occurred from mid-May through July. So that's half of May, June, and July -- or ~2.5 months of unauthorized access to the most sensitive and privacy-requiring consumer financial data before the intrusion was detected.
This, of course, raises broad concerns regarding Equifax's overall data security and practices. Equifax kept it secret for five weeks.... Equifax was first unaware of the breach for about two and a half months, then they waited for five weeks after learning about it -- while their database was leaked and the personal details of 143 million US consumers sensitive consumer data was in the wild before disclosing this to the public so that the public could take action to protect themselves.
What you can (must!) do:
Establish monitoring for unusual access patterns to your public Web resources. Nowadays there are a lot of open source and commercial products available to detect such patterns and give alerts. We recommend such monitoring as good operations practice for business-critical Web-based services.
I found this useful website with good information and guidance about how to freeze your credit.
The cost varies, depending upon where you are, from $3 to $10. In California, it was $10. You may have to pay to thaw it when needed.
It's sad that we have to do this but an ounce of prevention is better than a pound of cure.