The Equifax Breach and You
When a company holds private identifying information, consumers expect the company is adequately securing that information from theft. After all, unauthorized disclosure of that information can put people at risk of identity theft. Unfortunately, consumers will be disappointed once in a while.
Equifax, one of the top credit bureaus, announced in September 2017 that it had a major data breach. Per Equifax: “On July 29, 2017, Equifax discovered that criminals exploited a U.S. website application vulnerability to gain access to certain files.” What does this mean? It appears Equifax’s systems were breached leading to a loss of consumer information affecting over 143 million Americans.
At this point, the details are as follows.
Between May and June 2017, over 143 million people have had their information stolen. Hackers took consumer’s names, Social Security numbers, birth dates, and addresses, as well as driver’s license information for an undisclosed number of people. In addition, 209,000 people also had their credit card information stolen and 189,000 had some other personal information breached. This breach is one of the largest to affect the U.S.
What Should You Do?
Find out if you were part of the breach.
You can visit equifaxsecurity2017.com, a site created by Equifax to manage consumer concerns, to determine if your information was involved in the breach. To find out if your information was breached, the site will require your last name and the last six digits of your social security number. (There have been some reports that the tool returns conflicting information.) If you choose to use this tool, be sure to use a trusted computer and internet connection.
Review your credit report.
Federal law allows you to get a free credit report from each of the major credit agencies every year. You can request your free reports here: www.annualcreditreport.com.
Consider credit monitoring.
Even if your information is not identified as part of the breach, you can, at a minimum, take advantage of Equifax’s offer for free credit monitoring for one year. More information about Equifax’s offer of free credit monitoring services can be found at equifaxsecurity2017.com. (Edited: Although, considering Equifax has already lost control of your sensitive data once and continues to make mistakes in handling this breach, you may not want to voluntarily trust them again.) Keep in mind that credit monitoring typically only alerts you AFTER your information has been used in identity theft.
Freeze your credit.
The best way to protect yourself against identity theft is by filing a security freeze (AKA credit freeze) with all four consumer credit bureaus: Equifax, Experian, Innovis, and TransUnion. There may be a small charge for this service, determined by each credit bureau. A freeze will make it almost impossible for anyone to open lines of credit in your name and it can be “thawed” and “re-frozen” when you need to open a new account.
Brian Krebs, a cyber security journalist, has an excellent article on this.
Place a fraud alert on your credit files.
If you become a victim of identity theft, you can place a fraud alert on your credit files. This free service will alert the credit bureaus that you may be a target of identity theft and that they should verify with you before providing credit information to anyone. This option may require that you provide proof of having been a victim of identity theft (e.g. a police report) and typically only lasts 90 days but is renewable.
Finally, the most important thing to do to protect your credit is to STAY AWARE. The options mentioned above are smart steps to take, but they will not prevent tax fraud or medical fraud. Staying aware means doing the following:
- Monitoring your credit reports, bank statements, and credit card statements frequently for irregularities.
- Examining the explanation of benefits statements from your health insurance company.
- Filing your tax returns as soon as possible every year.
It’s frustrating when a company like Equifax who maintains personal details on millions of people loses control of that information. After an event like this, people are all ears on what to do. Take advantage of it to provide helpful guidance and stress the importance of cyber security! After all, it certainly affects us all.