In September 2017, it was announced that Equifax, one of the three major credit bureaus, had been hacked, leaving 145 million consumers and their personal data—half of the adult U.S. population—potentially exposed. Even if you have never requested a credit report from Equifax—or had never heard of the company until news of the breach—your private, non-public information could still be affected. If you’ve ever applied for a bank account, credit card, or loan, chances are, you have an Equifax file and could be a victim of this breach.
Security breaches of this sort have become a regular occurrence and the ramifications can be devastating and far-reaching. If you become a victim of identity theft, that means someone can use your personal information to open credit cards in your name, take out medical benefits under your name, and even commit a crime under your name.
Similar to protecting your physical assets, such as your home or cars with insurance coverage, your personal data also needs your full attention; especially when a theft or potential for theft has taken place. It’s up to you to protect yourself, as best as you can from the harmful effects, such as a ruined credit history, due to identity theft. In light of this recent Equifax breach, here are five important steps to take immediately to ensure your financial data and personal information are secure.
The first thing you should do, if you haven’t already, is visit the special Equifax Cybersecurity Incident website. If you scroll down, you’ll see a button that reads, Am I Impacted? Click that and enter your information; you’ll instantly find out if you were affected by the hack.
(And don’t worry about providing your information; while Equifax originally had a disclosure stating if you clicked submit, you’d be giving up your rights to a lawsuit, they removed that section due to consumer pressure).
Whether you’re a victim of the breach or not, you should take advantage of Equifax’s TrustedID Premier. It’s a complimentary identity theft protection and credit file monitoring service that will last a year. All you have to do is click the Enroll to Protect & Monitor Credit button on the Equifax Security site and follow the instructions on the page. This service includes an Equifax credit report, Equifax credit report lock, credit file monitoring, social security monitoring, and $1 million identity theft insurance—all for free.
We don’t necessarily recommend paying for credit monitoring services, but if they’re giving it to you for free, you could probably benefit. Just make sure the service is legitimately coming from Equifax, TrustedID Premier, or your bank, and that it’s not a fraudulent offer from a scammer.
If you are not already, get in the habit now of monitoring your own bank accounts and credit card statements on a regular basis—at least once a week. Sign up for text or email alerts of your online banking services so you have immediate notification when transactions occur. Pay attention to any transaction that you don’t recognize, no matter the amount; scammers will often complete a small transaction to see if you (or your bank) is paying attention or if the credit card number works, then they’ll make a larger charge when they think they can get away with it. If you share a financial account with a spouse or family member, check with them first to make certain none of the charges were legitimate before contacting your bank or credit card company.
If you find any verifiable cases of fraud in your account history or you’re on the lookout for fraud (due to the Equifax breach, a lost wallet, or other issue), ask for a fraud alert to be placed on your credit file. All you have to do is contact one credit bureau by phone and they will automatically alert the other major credit bureaus about your fraud alert. This alert requires that you be contacted before any new accounts are opened in your name, and stays on your credit report for 90 days.
Experian: 1-888-EXPERIAN (397-3742)
If you’ve been impacted by the Equifax breach, (or any other data breach), immediately order all three of your credit reports for free (If you’ve enrolled in TrustedID Premier, you should receive your reports from Equifax as well). It’s crucial to know what your credit history and score is now, because for as long as your information is out there, your credit can still be affected, even two to three years from now. If your credit becomes impacted down the line, you’ll have proof that it was in good standing immediately following the breach and can help when you file a petition with the credit agencies so that they will acknowledge that you were a victim of identity theft.
If you are still concerned about your credit, you can freeze your credit file to prevent unauthorized people or organizations from accessing your information. This option is best if you’re not going to be applying for new credit in the near future; you can however “thaw” your credit (for a small fee, based on your state) either for a certain amount of time or for a certain lender, once you’re ready to utilize it again. You might think it’s a hassle to go through the trouble of freezing your credit, but it’s nothing compared to the months or years of inconvenience in dealing with the aftermath of identity theft. It’s a simple way to give you peace of mind that your credit will remain in good standing, even if your financial data has become vulnerable in a breach.
Share this article with your friends and family. Half the U.S. population has been affected by the Equifax security breach; that’s one out of every two adults. So if your name is not on the list, someone you know has probably been impacted. Unfortunately, according to news reports Equifax is not doing enough in warning the public, so it’s up to you to protect yourself, and warn the people you care about.
Here are 10 additional tips and steps to take to make sure your financial data is secured.
- Only work with someone you contact. If someone calls you about the situation, assume they are a scammer and take down their phone number; don’t provide any information to someone who cold-calls you.
- Don’t resolve this kind of issue by email. If possible, call and/or write an old-fashioned letter. Email could get compromised too easily, or the email could be spoofing the intended recipient
- Be wary of the sites you visit and the links contained in emails. Set your browser to show the full URLs of the websites you visit since scammers will often imitate legitimate sites or redirect you to a phishing page. You should also make sure any financial site you visit begins with “https://” (the “s” means it’s secure).
- If you’re on the Internet in a public place, don’t sign into your financial sites. Treat any public or open Wi-Fi network as insecure, and don’t enter any passwords while using it.
- Rethink your passwords. Make sure you create a unique password for every site or account you use. Security experts recommend creating a long password (at least 12 characters) of lowercase and uppercase letters, numbers, and special characters. Try coming up with a sentence you can remember, and abbreviate that into a password using symbols and integers where they make sense. For example, “I need unique passwords for every account and site I use” becomes “Inup4ea&sIu!” At 12 characters, it would take 200 years for hackers to crack it.
- Be prepared with 2-factor authentication or 2-step verification on important accounts. These security methods require two “factors” to grant you access to your accounts—something you know, and something you have. For example, you enter your password on a site (something you know), and then a code is texted to your phone (something you have). After entering your code, you are granted access. This method is very secure, but has downsides. If your phone is lost or stolen, you no longer have one of the necessary factors, and you are effectively locked out of your own accounts. Make sure you know the steps to take or who to contact if this should happen.
- Don’t carry more than you need to. You shouldn’t be carrying around your Social Security card, and probably don’t need to bring every credit and/or debit card along with you every time you leave the house. Only carry what you need at a given time, so if your wallet or purse is stolen, you don’t lose everything at once.
- Shred paperwork before throwing it out. Old credit card statements or offers, medical paperwork, bank statements… don’t throw anything away without putting it through the shredder first. Destroy any old credit cards, insurance cards, shipping materials, and/or prescription medication bottles as well. You don’t want any personal information getting into the wrong hands.
- Don’t let mail sit in your mailbox for too long. If you’re going to be away from home, arrange for a trusted neighbor to grab it for you or stop by the post office and ask them to put a hold on your mail until you return. Anything sitting near your front door or in your driveway for too long could tip off a burglar that you’re out of town.
- Opt out of credit card and insurance offers. Visit optoutprescreen.com or call 1-888-567-8688 to opt out of pre-screened credit card and insurance offers. The fewer credit card applications floating around with your name on them, the better.
We must all stay vigilant when it comes to securing our financial data. If you think you’ve been a victim of identity theft or have concerns about your credit report or scores, contact credit.org today. Our certified credit counselors and financial coaches can answer your questions and educate you on additional ways to secure your financial data and improve your credit. Give us a call at 800-449-9818 for a confidential session.
You can also download our free Consumer Guide To Good Credit from our Educational Guides and Downloads page.