The Equifax Data Breach: What Can I Do to Protect Myself?
You may have read that hackers broke into the database of Equifax, one of the largest credit-reporting agencies in the United States. The hackers stole personal information tied to 143 million people. They accessed people’s names, social security numbers, dates of birth, addresses and driver’s license numbers.
They also stole credit card numbers for about 209,000 people and dispute documents with personal identifying information for about 182,000 people.
If you have a credit card, then there’s a significant probability that identity thieves now have your social security number and address. So, there is no reason to think that data is not for sale to criminals who can use it to open new lines of credit or file phony tax refund requests in peoples’ names.
The company first waited over a month before releasing this news, then sent people to a website to find out if they were affected. The company compounded its public relations nightmare by including language stating that signing in to the website waived any right to join a class action suit against the company. This would limit or eliminate any compensation should their identities be stolen and financial harm come to them.
The negative publicity forced Equifax to delete the waiver. You can sign into the web page, http://www.trustedidpremier.com/eligibility/eligibility
to find out if you were affected.
So, what can you do?
There are several actions you can take to protect yourself.
1. To contain the potential for damage, the U.S. Federal Trade Commission recommends that you take several steps immediately. First, under federal law you’re allowed to request a free copy of your credit report once a year from each of the three credit reporting agencies: Equifax, Experian, and TransUnion—at http://www.annualcreditreport.com. You can do this every 122 days by rotating among the agencies. Look for suspicious accounts or activity that you don’t recognize—such as someone trying to open a new credit card or apply for a loan in your name. If you do see something, visit
http://www.identitytheft.gov/databreach to find out how to mitigate the damage.
2. Then monitor all of your financial statements. Please pay even more attention to the daily transactions on your credit card, bank and investment accounts. The credit report can’t tell you about money stolen from these accounts. If you haven’t already, please turn this into a habit. In most cases, theft happens over time, starting with small amounts stolen from across your accounts.
Please note that we monitor the accounts that we manage for you, and will report to you any suspicious activity.
3. Place fraud alert on your accounts with all the major credit bureaus. You can put in a fraud alert for free, by contacting one of the credit agencies, which is required to notify the other two. This will warn creditors that you may be an identity theft victim, and they should verify that anyone seeking credit in your name is really you. The fraud alert will last for 90 days and can be renewed.
4. And, possibly most importantly, put a freeze on new credit applications in your name. A freeze blocks anyone from accessing your credit reports without your permission. This can usually be done online, and each bureau will provide a unique personal identification number (don’t lose it) that you can use to “thaw” your credit file in the event that you need to apply for new lines of credit sometime in the future. Another advantage: each credit inquiry from a creditor has the potential to lower your credit score, so a freeze helps to protect your score from scammers who file inquiries.
Fees to freeze your account vary by state, but commonly range from $0 to $15 per bureau. You can sometimes get this service for free if you supply a copy of a police report (which you can file and obtain online) or affidavit stating that you believe you are likely to be the victim of identity theft.
5. Many Americans have opted to sign up for a credit monitoring service, which won’t prevent fraud from happening, but will alert you when your personal information is being used or requested. In most cases, there is a cost involved, but Credit Karma, http://www.creditkarma.com is one of the better free ones (of course, “free” means you get ads). Equifax is offering a free year of credit monitoring through its TrustedID Premier service, whether or not you’ve been affected by the hack. It includes identity theft insurance, and it will also scan the Internet for use of your Social Security number—assuming you trust Equifax with this information after the breach.
Lifelock charges a fee, and provides useful services. http://www.lifelock.com.
6. There’s one last way you can protect yourself. ID thieves like to intercept offers of new credit sent via postal mail. If you don’t want to receive prescreened offers of credit and insurance, you have two choices: You can opt out of receiving them for five years by calling toll-free 1-888-5-OPT-OUT (1-888-567-8688) or visiting http://www.optoutprescreen.com.
Or you can opt out permanently online at http://www.optoutprescreen.com. To complete your request, you must return a signed Permanent Opt-Out Election form, which will be provided after you initiate your online request.
As always, please feel free to contact us with any questions.