By now nearly everyone is aware of the security breach at Equifax that began in July of 2017. What was originally reported as having touched over 150 million Americans, now has been updated to include an additional 2.4 million affected by the breach. While this certainly doesn't mean half the country has had their identities stolen, given the scope and nature of this hack, it's just common sense to spend a few minutes to find out if your personal data may have been compromised. Here are some quick steps we think will be useful in helping you identify and protect yourself from future cyber-attacks:
How Do I Know If I Am Impacted?
First, go to https://www.equifaxsecurity2017.com/ and click on "Potential Impact". At the moment, it's important to know the Equifax site is delivering inconsistent results to people trying to find out whether their information was part of the stolen data. Regardless of whether or not you are among those who may have been impacted by the Equifax security breach, you can get free copies of your credit report by going to Annual Credit Report. Keep in mind that the most you can hope from credit monitoring services is to be alerted after your digital identity has been stolen.
While several firms offer "enhanced" credit monitoring services for a recurring monthly or annual fee, we are encouraging everyone to explore the free and low-cost consumer protection services first...and then decide if you think paid credit monitoring services are worth the extra expense.
What Can I Do to Protect Myself from Identity Theft?
Register a Fraud Alert on your credit file - Fraud alerts serve as temporary "red flags" for anyone looking at your credit file and indicates there may be suspicious activity associated with your credit report. An initial fraud alert is free and easy to enter. Simply register your file with any one of the three credit reporting companies such as Equifax, Experian, and TransUnion. You only need to notify one, since they are required to notify the others. Creditors are then supposed to take extra steps to verify the legitimacy of any new credit applications. Fraud alerts do not prevent viewing of a credit file or lenders issuing credit to anyone they wish. Fraud alerts expire after 90 days but can be renewed as often as you like by notifying one of the three credit reporting bureaus. If you have evidence of fraud associated with your credit file, you may request an extended fraud alert, which stays on your file for 7 years. Eligibility to apply for an extended fraud alert will require providing a copy of a valid police report showing you have been a victim of identity theft.
Place a Security Freeze on your credit file - A security freeze denies access to your credit reports for new creditors and makes it more difficult for identity thieves to open an account in your name. A security freeze will not lower your credit score and remains in effect until you take action to remove or lift the security freeze. On September 21, 2018, a new nationwide law made it free for you to freeze, thaw or unfreeze your credit report.
Applications can be completed online or sent via certified mail. You will need to lift the freeze temporarily to open a new credit account, get a loan, apply for insurance, or authorize an employer to conduct a background check.
Importantly, you should be aware that placing a security freeze on your file does not extend to your spouse and will not prevent the issuance of pre-approved credit offers. You can stop pre-approved credit offers by calling (888) 567-8688 or by going online to www.optoutprescreen.com.
Where Can I Report Suspicious Activity?
Equifax Consumer Fraud Division www.equifax.com
P.O. Box 740256
Atlanta, GA 30374
Experian Consumer Fraud Assistance www.experian.com
P.O. Box 9556
Allen, TX 75013
TransUnion Fraud Victim Assistance Department www.transunion.com
P.O. Box 6790
Fullerton, CA 92834
Michael Reid, CFA is a Managing Director and Partner at Exchange Capital Management. The opinions expressed in this article are his own.
Editor's Note: The post was originally published on September 18, 2017 and updated to reflect current rules, regulations, and statistics.