Another massive data breach has reminded us how vulnerable we are to cyber attacks. Credit monitoring company Equifax announced that a “Cybersecurity Incident” had exposed names, Social Security numbers, birth dates, addresses and, in some cases, driver’s license and credit card numbers, from a whopping 143 million Americans.

Considering that more than half of adults, people over 18, are affected, everyone should go to the Equifax emergency web site, to determine if information has been compromised. If so, you will be enrolled in Equifax the protection service (“TrustedID”). Consumer advocates pressed to make sure that signing up for the service would NOT mean a waiver of legal rights in the future.

But, the service has other issues, according to credit expert John Ulzheimer, “You’re only going to get it free for one year” and chances are, your liability is going to last a lot longer. Additionally, it “only applies to your Equifax credit report, and not your credit reports at Experian and TransUnion. That’s like locking one of the three doors to your house.”

If you are a victim of this (or any) breach, here’s what to do — the whole process took me about an hour to complete:

  • Contact one (under law, each is obligated to notify the other two) of the three credit bureaus EquifaxExperian and TransUnion to put a free fraud alert on your credit report, which makes it harder for an identity thief to open more accounts in your name. It lasts 90 days, but you can renew it. You will also receive a free credit report from each of the three companies.
  • If someone has used your information to make purchases or open accounts, file a complaint with the Federal Trade Commission and print your Identity Theft Affidavit. Use that to file a police report and create your Identity Theft Report.
  • Place a credit-freeze on your file, which generally stops all access to your credit report. Unfortunately, you need to contact all three companies to freeze your files. Important note: If you need to access credit, you have to unfreeze your records, which can take a few days. Some states charge a fee (up to $10) for placing or removing a freeze.

At this point, the question is not if your information will be compromised, but when. While there is no magic shield to protect your coveted identity, there are best practices to keep the criminals at bay.

1) Guard your information:

  • Refrain from providing businesses with your SSN just because they ask for it. (Medicare recipients should be careful, because SSNs are printed on Medicare cards.)
  • Don’t provide personal information over the phone, through snail mail or via Internet unless you have initiated the contact or you know with whom you are dealing. This is especially important to communicate to older relatives or friends, who are prime targets of fraudsters.
  • Beware of over-sharing on social media, where criminals are finding treasure troves of information. Because they are explicitly targeting children under the age of 18, parents need to talk to their kids and explain why it’s so dangerous to share too much information.

2) Protect your Password: Change logins and passwords monthly, use password generators and sign up for two-factor authentication.

3) Shop carefully: Don’t send financial information on unsecured wireless networks and when making purchases, use a credit card, which has more fraud protections under federal law than debit cards or online payment services.

4) Review credit card statements: Before you pay, make sure that there are no fraudulent charges. While you’re at it, enroll in a credit card notification program, where the bank alerts you to charges over a preset amount.

5) Review your (and your children’s) credit report every 12 months at If you find an error, report it immediately and stay on top of the process.