Equifax Data Breach

Many consumers have been alarmed recently to learn that Equifax, one of the three major credit reporting agencies in the US, suffered a data breach between mid-May and July 2017.  Personally sensitive information of virtually anyone with a credit history was exposed, including names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers and/or credit card numbers.  (More information here: https://investor.equifax.com/news-and-events/news/2017/09-15-2017-224018832)

While I do not usually endorse alarmist reactions to news events, in this case, there is cause to be concerned, and furthermore, to take action.

Just what action you should take has been a topic of many recent articles, as well as a source of confusion for consumers.  To help you make sense of it all, here are 3 key areas for concern, and what you can do to protect yourself:

 

  1. If thieves have access to your personal information, they could open new accounts and rack up charges under your name without your knowledge. To protect against new fraudulent accounts being opened:
    1. Consider placing either a fraud alert or a credit freeze on your file. What’s the difference?  A concise explanation and “how-to” can be found here: https://www.consumer.ftc.gov/articles/0497-credit-freeze-faqs#difference
    2. Check your free annual credit report – from the official site:annualcreditreport.com. Immediately report any new accounts that you do not recognize, or anything else that looks fishy, by contacting the reporting agency.
    3. Speaking of fishy, beware of phishing scams, especially those that seem like they come from Equifax. The approximately 209,000 S. consumers whose credit card numbers Equifax believes were compromised will be contacted by Equifax directly via SNAIL MAIL, not via email or phone.  Therefore, suspicious emails should be deleted and not opened.  Definitely do not click on any links or open any attachments from a source you do not know.

 

  1. Next, thieves could access your existing credit accounts wreak havoc there. To protect your current credit history and accounts, there are several options:
    1. Watch your financial statements (bank accounts as well as credit card statements) for unauthorized charges and report them
    2. Ask your credit card company about extra security on your existing cards. Some companies offer additional security steps for free; some may charge a fee, but it could be worth asking.  If you are really nervous, you can also request your bank or credit card company to issue you new cards.  Just don’t forget to then update any BillPay or autopays you have set up with the old account numbers, including paychecks and/or Social Security benefits payments.
    3. Sign up for a credit monitoring service.
      1. Equifax is offering customers a free credit monitoring service for 1 year through its TrustedID program. You could sign up for that here: https://www.equifaxsecurity2017.com/enroll/ Contrary to some misunderstandings out there, Equifax has stated that signing up for this service does not waive your rights to a future class action lawsuit.
      2. If you don’t feel comfortable with the Equifax offer, you can sign up for free credit monitoring through Credit Karma: https://www.creditkarma.com/about. If any unusual activity occurs on your Equifax or TransUnion credit reports, they contact you. Note that Experian is currently not on their service, so you’d need to check them separately. Outside of the identity theft issue, Credit Karma also gives you observations on how to improve your personal credit score, based on your credit reports.I
      3. f you prefer to go further than monitoring, you can enroll in an identity theft service which will actually jump in and help you to fix the issue, should you become a victim of identity theft. These companies charge an annual fee, but some feel the protection is worth it.  Two to consider are: Zander Insurance: https://www.zanderins.com/idtheft2 and Lifelock: https://www.lifelock.com/how-it-works/overview/

 

  1. Finally, the larger issue, I believe, goes far beyond credit. It touches at the heart of your digital identity: your social security number.  If thieves have access to this number, along with potentially your name, address, and date of birth, they can do far more with that information than damage your credit score.  Therefore, in my opinion, safeguarding your social security information may be the most important step to take.  Here’s how:
    1. Go to: https://www.ssa.gov/myaccount/ and create an account, if you haven’t already. Even if you don’t plan to collect anytime soon, having your legitimate account in place will prevent a thief from doing so.  If you already have an account, it’s worth taking a moment to log in and change your current password.  Also, the Social Security Administration added a second step of authentication this past summer.  If anything on your statement looks amiss, contact the Social Security Administration immediately: (http://www.ssa.gov).
    2. Tax fraud: The FTC recommends you file your tax return as soon as possible, before a scammer can. This is a step you can’t do until around February, but an added layer of protection is to request a PIN from the IRS, which must be mailed with your tax return. More information here and a link to the request form can be found here: https://www.irs.gov/identity-theft-fraud-scams/data-breach-information-for-taxpayers
    3. Medical insurance: you may not have thought about this one. With the personal information that was exposed, thieves could potentially file false medical claims in your name, stealing your Medicare, Medicaid, or private health insurance benefits. Stay on top of this by asking your medical providers for copies of your recent medical records. Check to make sure that you recognize all the providers listed and that the treatments shown were actually received by you.

 

Lastly, breathe.  This will not be a quick or easy fix, but it’s important.  To protect your personal credit history and digital identity takes time and patience, especially since these many of companies have been recently inundated with service requests and phone calls.  Be diligent, however, and don’t give up.  A small headache right now could help you to prevent a really big migraine on down the road.  Just ask anyone who has been a victim of identity theft.

 

Other helpful links:

https://www.consumer.ftc.gov/blog/2017/09/equifax-data-breach-what-do

https://www.identitytheft.gov/#what-to-do-right-away