Last week, we were informed 143 million Americans had key identifying information stolen through credit reporting company Equifax.
Equifax responded by saying they will offer a one-year "credit monitoring" service and then tried to upsell their premium service. Being as they are the ones responsible for the breach in the first place, this does not reassure.
Furthermore, one year of monitoring is completely random. Suppose thieves only want my information for the next year and then will promise to never use it again? Ridiculous.
Given this, what to do?
1. Religiously read and scrutinize your bank and credit card statements every month. If you see something that does not look right, contact the institution immediately. They will generally suspend the payment of the suspicious transaction pending a more thorough investigation. If you have moved to all-online access (no monthly hard-copy statement), make sure you are thorough in reviewing transactions on a regular basis.
2. Use credit cards instead of debit cards. If someone has hacked into your world, a credit card offers a grace period in which you can review your statement before payment is due. However, if someone hacks into the debit card, the burden falls more on your shoulders. If you have payments auto-drafting from your bank account, this can easily send you into a cascading problem of overdrafts. If this happens, it is a pain to fix.
3. Once you have determined a fraud has occurred, put an alert in your credit report and send a copy of the ID theft report (consumer.ftc.gov/articles/pdf-0094-identity-theft-affidavit.pdf) to all the credit reporting companies. Although this may sound like closing the barn door after the horses are out, you want proper documentation that you have reported this and are working with the authorities.
4. Monitor credit reports closely. Not only can these reports have errors that can hinder your ability to get credit, but it's a good habit to be in to see what accounts have been opened in your name. This service is available for free on an annual basis by going to: annualcreditreport.com/index.action.
5. Evaluate a credit freeze. This offers the most serious level of protection, in our opinion. It literally freezes the ability for anyone, including you, to open new credit of any kind in your name or Social Security number. Although it works very well, it can also be a bit of a burden to undo. Allow yourself at least a week to lift a credit freeze once you have submitted the necessary information. This is important to consider if you plan on financing a new car or applying for a mortgage.
It is also important to understand that a credit freeze does not stop someone from accessing an existing credit card and using it. As such, a second reminder to review your credit and debit statements religiously!
6. Contact the police and Federal Trade Commission. Although cybercrime may not involve a gun and masked robber, it is still a crime. To get needed protection, contact the local police and the FTC to obtain their official reports. These reports must go in your credit files. Not only does this help law enforcement track and catch criminals, but it is necessary for your protection, too.
7. Change passwords and be careful of where you access Wi-Fi. If there has been a breach, determine what accounts are affected. Immediately change those passwords. Furthermore, reduce vulnerability to someone stealing passwords by not using public Wi-Fi. Public Wi-Fi allows keystrokes to be more easily monitored, allowing information to be stolen.
8. Contact the Social Security fraud hotline (oig.ssa.gov/report-fraud-waste-or-abuse). In some cases, we have seen clients who have had their Social Security numbers used for fraudulent purposes. Depending on the level of severity, they not only had to not only prove their innocence but then apply for a new Social Security number.
We have only seen the tip of the iceberg relative to the Equifax debacle. As such, be proactive and remain vigilant to prevent being a victim.