Another massive data breach has reminded us how vulnerable we are to cyber attacks. Credit monitoring company Equifax announced that a security breach had exposed names, Social Security numbers, birth dates, addresses and, in some cases, driver’s license and credit card numbers, from a whopping 143 million Americans.
Considering that more than half of adults, people over 18, are affected, everyone should go to the Equifax emergency web site, equifaxsecurity2017.com to determine if information has been compromised. If so, you will be enrolled in Equifax's protection service (“TrustedID”). Consumer advocates pressed to make sure that signing up for the service would NOT mean a waiver of legal rights in the future.
But, the service has other issues, according to credit expert John Ulzheimer, “You’re only going to get it free for one year” and chances are, the danger from the giant security breach is going to last a lot longer. Additionally, it “only applies to your Equifax credit report, and not your credit reports at Experian and TransUnion. That’s like locking one of the three doors to your house.”
If you are a victim of this (or any) security breach, here’s what to do — the whole process took me about an hour to complete:
- Contact one (under law, each is obligated to notify the other two) of the three credit bureaus Equifax, Experian and TransUnion to put a free fraud alert on your credit report, which makes it harder for an identity thief to open more accounts in your name. It lasts 90 days, but you can renew it. You will also receive a free credit report from each of the three companies.
- If someone has used your information to make purchases or open accounts, file a complaint with the Federal Trade Commission and print your Identity Theft Affidavit. Use that to file a police report on the security breach and create your Identity Theft Report.
- Place a credit-freeze on your credit reports, which generally stops all access to them. Unfortunately, you need to contact all three companies to freeze your reports. Important note: If you need to access credit, you have to unfreeze your reports, which can take a few days. Some states charge a fee (up to $10) for placing or removing a freeze.
At this point, the question is not if your security will be compromised, but when. While there is no magic shield to protect your coveted identity, there are best practices to keep the criminals at bay.
1) Guard your security:
- Refrain from providing businesses with your SSN just because they ask for it. (Medicare recipients should be careful, because SSNs are printed on Medicare cards.)
- Don’t provide personal information over the phone, through snail mail or via Internet unless you have initiated the contact or you know with whom you are dealing. This is especially important to communicate to older relatives or friends, who are prime targets of fraudsters.
- Beware of over-sharing on social media, where criminals are finding treasure troves of information. Because they are explicitly targeting children under the age of 18, parents need to talk to their kids and explain why it’s so dangerous to share too much information.
2) Protect your Passwords: Change logins and passwords monthly, use password generators and sign up for two-factor authentication.
3) Shop carefully: Don’t open yourself up to a security breach by sending financial information on unsecured wireless networks. When making purchases, use a credit card, which has more fraud protections under federal law than debit cards or online payment services.
4) Review credit card statements: Before you pay, make sure that there are no fraudulent charges. While you’re at it, enroll in a credit card notification program, where the bank alerts you to charges over a preset amount.
5) Review your (and your children’s) credit reports every 12 months at annualcreditreport.com. If you find errors in the reports, notify credit bureaus immediately and stay on top of the process.