It has been reported that 143 million United States (U.S.) consumers have been affected by the most recent breach involving the credit-reporting agency, Equifax.
In response to this breach, Equifax has created a website that allows a consumer to enter the last six digits of their social security numbers and last name to find out if they are affected. However, considering the breach includes details on nearly half the U.S. population, the chances of any given person being included are reasonably high.
If you do find out you have been affected or you just want to take measures to protect yourself, there are a few actions you can, and should take to be proactive about protecting your identity. It’s lengthy, but considering the significance of the information stolen, it’s necessary.
- If you have an account with Equifax, change the password for it immediately. It wasn’t disclosed as being part of this breach, but it’s always a good idea to do this after any breach. When doing so, be sure it is unique and not used on any other site. Hackers often try to reuse passwords and user name combinations on other websites once they have them.
- Because your email address and password could have been exposed within this breach and is tied to many of your accounts, it is a good idea to change your password. Through this breach, a hacker might have access to your email address and password. With the information they can take control of your email account, correspond on your behalf, and misdirect your emails.
- Enable two-factor (2FA) on all websites offering this security protection. This will prevent anyone with malicious intent from requesting a password reset just by using your email address and will keep them from getting into your account using just your password. If this option is available on any website, take advantage of it, even if the account doesn’t store sensitive information. People often think websites like Facebook, Twitter, LinkedIn, or Instagram don’t require use of 2FA because payment card details or social security numbers aren’t stored with them. However, those sites have so much information about users that they are extremely important to secure.
- Be sure to monitor your free credit report regularly using SavvyMoney found within Online Banking. Keeping an eye on your credit should be normal practice. Everyone with credit should be checking them for suspicious activity throughout the year.
- Credit card and bank account information of approximately 209,000 people was also included in the stolen data. Be sure to monitor your payment card, checking and bank statements diligently and report potential fraudulent charges.
- Be on the lookout for phishing emails that attempt to get you to click links or open attachments claiming they are somehow related to this incident. Often, these phishing campaigns ramp up to take advantage of news like this. If your information was included in this breach, don’t rely on an email to tell you. Check the website or wait to see if you receive a paper letter in the U.S. Mail from Equifax. In this case, assume any email messages you get claiming to be related to or supporting this Equifax breach in any way are phishing. Confirm legitimacy of links and attachments in some manner other than by using information provided in the email messages. Often, scammers will put phone numbers and email addresses in them, hoping you will respond using those. They actually staff locations to handle communication initiated from that information. Be wary of any messages, email, text, or chat that claim to provide a service for you as a victim of this incident.
Equifax is offering a lot of services free of charge to victims. They include credit report monitoring with all three bureaus, copies of Equifax credit reports, identity theft insurance, scanning the Internet for social security numbers, and the ability to freeze and unfreeze Equifax credit reports. This is all offered through their own services, which might make some go “hmmm.” But, Equifax already has your information, so you might want to factor that into your decision whether to let them monitor it and alert you if something comes up. Or, you might decide to use a different credit report monitoring service like SavvyMoney. Regardless of the company you decide to use, it’s a good idea to have your credit report monitored for unauthorized activity.
Donovan Fox© Copyright 2017 SDFCU.org