You’ve probably heard by now that hackers broke into the Equifax database and stole 143 million people’s personal information. The hackers accessed their names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. They also stole credit card numbers from about 209,000 people and dispute documents with personal identifying information for about 182,000 people.
Were you affected?
To find out if you were affected you can go to Equifax’s site and enter your last name along with the last six digits of your social security number. They will tell you if they believe your information was involved. Regardless, you will be able to sign up for a year of their credit monitoring program. You will not be automatically charged after the complimentary year expires according to their site.
At this point, you should assume you have been compromised. If not from this breach, from an event in the past or possibly the next breach. It’s time to take steps to secure your accounts and your identity.
What does the FTC recommend?
The U.S. Federal Trade Commission recommends that you take several steps immediately.
First, under federal law, you’re allowed to request a free copy of your credit report once a year from each of the three credit reporting agencies: Equifax, Experian, and TransUnion at Annual Credit Report.com. You can request a free credit report every 122 days by rotating among the three agencies. Look for suspicious accounts or activity that you don’t recognize—such as someone trying to open a new credit card or apply for a loan in your name. If you DO see something, visit IdentityTheft.gov to find out how to mitigate the damage.
Second, continuously monitor your online statements; make this a habit. Your credit report won’t tell you if there’s been money stolen from a bank account or suspicious activity on your credit card. In most cases, theft happens over time, starting with small amounts withdrawn from your accounts and building from there.
Finally, consider placing a credit freeze or fraud alert on your account with all the major credit bureaus. You can place a fraud alert, for free, by contacting one of the credit agencies, which is required to notify the other two. This will warn creditors that you may be an identity theft victim, and they should verify that anyone seeking credit in your name is you and not an imposter. You need to renew your fraud alert every 90 days.
A credit freeze blocks anyone from accessing your credit reports without your permission—including you. You can usually do this online, and each bureau will provide a unique personal identification number that you can use to “thaw” your credit file if you need to apply for new lines of credit sometime in the future.
Fees to freeze your account vary by state but commonly range from $0 to $15 per bureau. You can sometimes get this service for free if you supply a copy of a police report (which you can file and obtain online) or affidavit stating that you believe you are likely to be the victim of identity theft.
What do we recommend?
We recommend that you take these simple steps first.
- Diligently watch your bank accounts and your credit card statements for suspicious activity.
- Request and inspect your credit report every four months by rotating the three credit bureaus.
- Sign up for the free credit monitoring service from Equifax. Or, sign up for a free service like creditkarma.com. CreditKarma’s business model is to give you access to alerts and credit changes by offering you credit cards, loans, etc. Experian, one of the other major credit bureaus, owns CompleteID.
- File your taxes as soon as you have the necessary information. This prevents scammers from trying to get your refund.
- Don’t use the same password for multiple websites. If a hacker gets your password from one website, they will quickly try that same password and email address combination at other websites.
- ID thieves like to intercept offers of new credit sent via postal mail. If you don’t want to receive prescreened offers of credit and insurance, you can opt out of receiving them for five years by visiting Credit Card Offers Opt Out.
We do not recommend placing a fraud alert on your accounts unless you see signs of suspicious activity, or a credit freeze unless you find that the fraud is more than a mere credit card breach.
One more thing before you leave
Pardon me if I go on a rant for a minute. There’s an old saying that “there’s no such thing as bad publicity”.
If these agencies are going to collect every bit of personal information on us to make a profit, they have an obligation to keep that information secure. This breach was due to Equifax’s incompetence or neglect; I’ll let them decide which one. Regardless of how this breach occurred, Equifax stands to make a serious profit as a result of the breach.
How will Equifax profit from this breach?
Equifax has their credit monitoring service (TrustedID) that they are making available for free for one year whether or not you were affected by the breach. Their price for this service is $240 for a household according to IDProtectionGuide.net. If only 3% of these people sign up for Equifax’s credit monitoring service and continue that service after the free year is over, Equifax will have increased their annual revenues by over $1 billion per year. Three percent of 143 million people is 4.29 million new clients. If they are paying $240 a year, that is $1.029 billion per year in new revenues. I’m sure the government will fine Equifax for their incompetence, but I don’t think it will be for over $1 billion.
Contact your congressperson and Senator and let them know you find this unacceptable. You can find your congressperson here, and your senator here. There is currently a bill proposed by Senator Warrento allow us to place a credit freeze for free. How about a law granting us lifetime credit monitoring for free?
If you find this information helpful, please feel free to pass it along to your friends and family. If you have any questions, please call or email us.