12 Ways to Protect Yourself After the Equifax Hack
The latest security breach at Equifax means, as Forbes personal finance guru Tim Maurer said: Unfortunately, we now live in a world where it’s not a question of if, but when, we will deal with having all or part of our identity stolen.
The most recent panic attack about our personal information came last week, when consumer credit reporting bureau Equifax announced a cybersecurity incident potentially impacting approximately 143 million U.S. consumers, according to a press release from the company and video announcement by Equifax Chairman and CEO Rick Smith.
The information was leaked between mid-May through July 2017 and included names, Social Security numbers, birth dates, addresses, and (in some instances) driver’s license numbers. Additionally, credit card numbers for approximately 209,000 U.S. consumers, and certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers, were also accessed.
An offer from the company to offer all consumers one year of free credit monitoring sparked outrage this week; however, when it was discovered that a clause in the service agreement tried to deny people their right to sue or to join class-action lawsuits against Equifax if they accepted the free credit monitoring offer from the company. (The Los Angeles Times has a great explainer on the legal particulars of those problematic service agreement clauses, which have now been removed.)
But while the New York Post makes the salient (horrifying?) point that this is not the largest data breach in history (that would be last September, when Yahoo revealed that 500 million user accounts had been compromised in 2014, and three months later revealed that a separate 2013 attack hacked more than 1 billion accounts), it’s especially troubling because Equifax is one of three places we trust to verify whether or not our identity or credit has been compromised. The credit monitoring bureau handles data on more than 820 million consumers and more than 91 million businesses around the world, plus a database of more than 7,100 employees.
So, beyond keeping an eagle eye your bank and credit cards statements for a suspicious $3,000 sofa or laptop that you didn’t order, what else can you do to protect yourself and your identity?
Experts say, primarily things we should all be doing anyway, so take this as a cue to get your cyber security in order by being more vigilant in monitoring your accounts and changing all of your important passwords to be more secure. In a very Snopes-ish, proactive move, CNN Money has also fact-checked a list of the most prominent Equifax hack rumors so you can breathe a teensy bit easier.
Here are 12 ways to be proactive to protect your personal information, in addition to the Federal Trade Commission’s best practices to combat identity theft.
1. First, check the last 6 digits of your SSN on Equifax’s Cybersecurity Incident website (EquifaxSecurity2017.com) to see if your information has been compromised.
It’s not 100 percent accurate, says Maurer, however — one of his colleagues used their dog’s name and a made-up SSN and it returned a positive result — so take the yes/no diagnosis with a grain of salt.
According to the New York Times, the next four things you should do are:
2. Set up fraud alerts
3. Consider credit freezes
4. Check your credit report to get a baseline
5. Sign up for Equifax’s free year of credit monitoring
Maurer at Forbes also cautions that consumers should:
6. Use credit cards for everything for the time being, instead of debit cards, so that it won’t be your money that is stolen if you are hacked — let the credit card companies handle the fraud.
“This is advice that I’ve received first-hand from Frank Abagnale, the fraudster turned FBI consultant made famous by Leonardo DiCaprio in the movie Catch Me If You Can,” Maurer writes. “We can trust him now. I’m pretty sure.”
Additionally, from a legal standpoint, Forbes also suggests you:
7. File your taxes as early as possible this year.
“It’s possible that the Equifax hackers will sit on Social Security numbers until tax filing season,” says lawyer and contributor Rob Berger, of DoughRoller.net. “Then they’ll try to use your tax information to file for a tax return in your name before you can. The best way to beat this tactic is to file your taxes as early as possible.
In order to be proactive about your personal information on other sites, the New York Post suggests that you:
8. Take an internet subscription inventory and make your account logins more secure.
“Just how many services (Netflix, Amazon, Spotify) do you have linked with your bank account or credit cards?” says Nicole Lyn Pesce of Money-ish. “Now is a good time to create a file of what services are linked to what financial accounts, and to make sure you have strong, separate passwords for each one.”
9. Don’t pay for services you could do for yourself for free.
Unlike most personal finance advice in the wake of the Equifax breach, stalwart financial powerhouse Barron’s says caveat emptor when it comes to shelling out good money for credit monitoring services.
“Act quickly to make sure fraud hasn’t already occurred under your name, but don’t fall for services that charge you to do things you could handle yourself for free,” warns Barron’s Emily Bary.
10. Stay vigilant, because this hacked information could cause problems for years.
Editors at Wired warn that attackers may have better luck abusing the leaked data in earnest after Equifax’s first year of free credit monitoring is over, when many potential victims lose free monitoring.
“When this type of stuff happens, it’s like oh, crap,” Alex McGeorge, the head of threat intelligence at the security firm Immunity, told Wired. “Your Social Security number doesn’t change, so this data is going to get resold on the black market and hold its value for a while.”
11. Contact your representatives to voice your concerns about the need for tighter cyber protections.
Popular personal finance blog Wisebread suggests using this news as an opportunity to check in with your state and federal legislators and voice concerns about the growing need to keep our personal information safe from criminals and foreign threats.
“With cyber hacking becoming an increasingly bigger concern for anyone who uses loans, credit cards, and online banking, it’s important to get our country’s digital infrastructure up-to-date so consumers can remain protected as hacking incidents get more sophisticated,” says contributing editor Amy Lu.
12. If you’re feeling overwhelmed, “phone a friend” in the form of hiring vetted services.
The personal finance experts at Learnvest have a great list of suggested resources for specific, vetted credit check and credit monitoring services — with links.