Some of your most sensitive personal information may have been compromised in a massive cyberattack on a credit data company.

Around 100, 000 Canadians may have been affected by the Equifax hack, the company announced Tuesday.

Equifax said hackers gained access to a consumer website intended for U.S. customers between mid-May and July.

"We apologize to Canadian consumers who have been impacted by this incident," said Equifax Canada president and general manager Lisa Nelson in a statement posted on the company’s website. "We understand it has also been frustrating that Equifax Canada has been unable to provide clarity on who was impacted until the investigation is complete. Our focus now is on providing impacted consumers with the support they need."

Equifax said names, addresses, social insurance numbers and in limited cases, credit card numbers may have been compromised.

Det. Sgt. Trevor Thompson with the Winnipeg Police Service's Financial Crime Unit said that kind of information is valuable to fraudsters.

"There's a number of things they can do,” said Thompson. “Anything from renting hotel rooms in your name, gym memberships in your name, renting vehicles in your name and not returning them to applying for loans in your name."

While it's not yet clear exactly when affected consumers will find out if their data was breached, experts say there are steps you can take on your own in light of the breach.

“By checking the credit reporting bureaus, Equifax and Trans Union, once or twice a year you’ll be able to observe whether or not something has been applied for in your name that you are unaware of,” said Thompson. “People that do this know what they’re doing and it’s becoming an exponentially bigger problem.”

“I think a lot of people are victims of identity fraud and identity theft and they don’t even realize it.”

Equifax said Canadians will be notified by mail if their information was compromised.

The company said affected consumers will be offered free credit monitoring and identity theft protection for 12 months.

The company also said its investigation into the incident is ongoing and that it’s hired an independent cybersecurity firm to help prevent a similar breach from happening again.