09/08/2017: Consumer Alert: Equifax Data Breach
September 8, 2017
Thursday, September 7th, Equifax – one of the largest credit reporting agencies in the United States – reported that roughly 143 million Americans’ personal data could have been compromised in a massive cyber security breach. According to Equifax, cyber-criminals accessed data such as Social Security numbers, birth dates and addresses. The agency said 209,000 credit card numbers were exposed in the breach, which includes customers in Canada and the United Kingdom as well.
How to Protect Yourself
Even if you don’t think you’re a customer of Equifax, there’s still a possibility your data could have been compromised. As a credit reporting agency, Equifax gets information from credit card companies, banks, lenders and retailers to help it determine a person’s credit score.
Here are some things you can do to protect yourself and mitigate the potential damage done by this breach.
- Find Out if Your Information is Potentially at Risk
Equifax is offering a website to check to see if you have potentially been impacted – www.equifaxsecurity2017.com. Click on the tab labeled Potential Impact in the center of the webpage. You’ll then need to enter your name and the last six digits of your Social Security number.
- Sign Up for Credit Monitoring
Equifax is offering every US consumer in the country free identity theft protection and credit file monitoring through the website www.equifaxsecurity2017.com — regardless whether their information was compromised.
- Check your Credit Reports
According to the Federal Trade Commission, consumers have access to one free annual credit report from each of the major credit reporting companies — Equifax, Experian and TransUnion. To Order Your Free Credit Report, go to www.annualcreditreport.com or call (877) 322-8228 to get free credit reports from the three major credit bureaus.
When looking through your reports, keep an eye out for new accounts you didn’t open, late payments on debts you don’t recognize and any other activity that looks unfamiliar.
- Freeze your Credit
One of the most reliable ways to prevent someone from opening credit cards in your name is to place what’s called a “credit freeze.” When you freeze your credit, you (or anyone masquerading as you) will be required to un-freeze your account by providing the PIN you got when you froze your credit. You’ll need to call the three major credit reporting agencies to ask for a freeze. The Federal Trade Commission lists more details on how to do that here.
- Keep a Close Eye on Your Accounts
Review your online accounts for suspicious activity, including banks, credit card companies and hotel and airline loyalty programs. Hackers frequently slice and dice information from large data breaches, selling groups of user information for specific companies on the dark web. Even the smallest accounts can be bundled together into a large group to be sold.
- Be Extra Careful With Emails and Links
Avoid clicking on links or downloading attachments from suspicious emails that claim to be updates from Equifax or connected to the breach. Equifax will send paper mail to consumers whose credit card numbers or dispute documents with personally identifying information were impacted.
- Change Passwords and Enable Two-Factor Authentication
Once hackers have access to ID and password information for one system, they routinely try the same combination against multiple other platforms to see which ones work, an easily automated process. For the vast majority of victims who didn’t have credit information compromised, the biggest risk here is that a criminal uses this information to answer your “security questions” and reset your password. Two-factor authentication keeps them from doing that by sending a text message or call to the user’s phone with a code as a second verification step. The code which must be typed in before the account can be opened.