The Equifax Data Breach: Steps You Should Take Now to Prevent Fraud Later
Credit reporting agency, Equifax announced a cybersecurity incident potentially involving the personal information of about 143 million U.S. consumers. They state that “unauthorized access occurred from mid-May through July 2017.” They further stated that the info at risk includes, “Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers.” Also, approximately 209,000 U.S. consumers’ credit card numbers and dispute info of about 182,000 U.S. consumers were accessed.
It’s the company’s third major cybersecurity attack since 2015 and is shaping up to be one of the most significant and far reaching in memory. It’s another in a long string of security breaches and hacks among several entities over the last few years.
On that note, we’re sharing some information to help keep you safe and in-the-know about what actions you should consider:
- Determine if you are at risk: Equifax created a website, equifaxsecurity2017.com, to help consumers determine if their information is potentially impacted. Consider going there and finding out if they believe your information to be at risk.
- Check your credit report: Look at the reports from all three credit bureaus, which you can get for free once a year at AnnualCreditReport.com. Using this information, you can determine if accounts have been falsely opened in your name.
- Change passwords and use all security features: It’s time to change your passwords at the sites you visit. It’s also good to use multi-factor authentication – such as security questions. You may even want to make up your answers. This way, even if someone who knows the info, they won’t get the answers right. Also, if your accounts offer a feature to send a text alert to your phone if there is a suspicious sign-on, enable that feature.
- Think about a "freeze" on your credit reports: We’re talking at all three credit bureaus. Then, no one, even you, can get the information needed to open accounts. You will create a private PIN that can be used as needed if you do want to open an account or loan.
- Personally monitor your accounts: Check your credit card and banking activity at least once a week, if not more often. This can easily be done with online and mobile account services available from pretty much any financial entity. The sooner you detect something, the better your chances of stopping it.
- Beware of phishing: Criminals will use every tactic possible to take advantage of this opportunity. Since many Americans are impacted and worried about their information, crooks will seek to trick many into handing over personal information. Even if your information was not exposed, you might get a fake email, text message or phone call offering to help or asking for your information to determine whether you were affected. In reality, they are looking to steal your info. Don’t click through, respond to or offer your information over the phone. Doing so could open yourself to loss.
- Monitor medical bills and insurance EOBs: If you get a bill or notice and it’s not about something you or your family members can recall, investigate. Make sure someone isn't pretending they are you. This puts more than your money matters at risk.
- Don’t ignore (the real) IRS: Yes, there have been bogus calls suggesting you take immediate action or face IRS penalties and/or imprisonment. No, those are not real. However, if you get a notice in the USPS mail from the IRS stating you didn't pay enough taxes, don't ignore it. Someone may be using your Social Security number for employment. This would make the taxes you are paying look deficient.
- Weigh pros and cons of free monitoring: Equifax is inviting consumers to enroll in credit file monitoring and identity theft protection. The service includes many features that are complimentary to U.S. consumers for one year. However, the fine print states that, by agreeing to terms and conditions, you may be giving up some of your consumer rights; like participating in class-action lawsuits. Although, New York Attorney General Eric Schneiderman took to Twitter saying the fine print language was "unacceptable and unenforceable," so they have since clarified the language. Regardless, given that Equifax is the source of the breach, is signing up for their monitoring service really a good option? It might be worth paying for a third-party service, like IDShield or LifeLock, if you want to pursue credit monitoring.
As with any security breach, don’t assume this will be the last. It’s simply the latest. It’s important that you take several steps to ensure your information is secure and that you minimize your risk. We’ve developed a fraud protection resource that provides further materials and resources. Equifax also recommends that consumers with more questions visit their site or contact them at a dedicated call center at 866-447-7559, the company has established; it’s open 7-days a week from 7AM-1AM Eastern.