It’s happened once again. On Thursday, September 7, 2017 Equifax reported that they had fallen victim to a cyber-attack. Headlines were plastered with the news of customer information being compromised. An estimated 143 million people may have been affected as result. You can read more about the details of this specific attack here. To find out if you have been impacted you can check here. Understand that if you take any offers from Equifax you may waive your rights in the future to pursue them for damages that may arise from this situation.
How does this affect the average person?
For starters, personal information may now be available to criminals or publicly exposed for the world to see. That personal information may be sold on underground markets and can include names, addresses, phone numbers, and even social security numbers. Just a few pieces of the right information would be enough for anyone to open credit cards, utility accounts, bank accounts, or even allow someone to steal your physical identity. In short, if you receive a notice that you’ve been affected, take the news seriously.
What can be done?
It’s hard to imagine that your personal information might be exposed. Not only that, but it’s scary to think of what might happen after the fact. There are a few things you can do immediately to help prevent any ill-fated effects of compromised information. Here are some tips about what you can do to combat any issues:
Consider setting up credit monitoring with all three of the credit bureaus. The three bureaus are TransUnion, Experian, and Equifax (coincidentally enough). These three bureaus keep a close eye on your credit and are likely to have any credit-related activity reported to them including opening and closing of accounts as well as delinquent, late, or defaulted payments for liabilities. Once credit monitoring is setup you can breathe a little easier knowing you’ll be notified of any activity. Note that these services may or may not be free of charge, and personally I’m not sure I’d recommend anything Equifax has to offer (since they are the reason I’m even writing about this topic). There are also third party identity theft monitoring services such as LifeLock that can monitor your credit and other identity related activities.
In lieu of (or in addition to) setting up credit monitoring you may also want to pull a credit report from each agency. It is a best practice to monitor your credit report on a continuous basis regardless but in times of heightened risk it might be a good idea to grab a copy and make sure there is nothing questionable on your report. If you do find something you disagree with then you can start the process to resolve issues immediately. By continuously monitoring your credit it should reduce the impact from issues in the future. Keep in mind that any unfavorable credit report effects due to a recent compromise of information may take months (or even years) to show up since your information may not be used immediately after the attack.
Alert any banks, credit card companies, investment firms, accountants, and any other third party financial service providers that your information has been compromised. This is helpful in enforcing safeguards to validate your identity when attempting to make transactions or do business with these parties so that they can ensure only you are the party being dealt with.
Consider changing passwords (and login IDs) to sensitive websites. This seems to go without saying, but whenever there is a breach of information it’s always a good idea to change your password to prevent unauthorized use of your information.
Monitor your bank accounts and credit card activity more closely. You can do this by downloading the smartphone apps offered by your bank and credit card company and/or setting up spending notifications by text/e-mail. By setting automated alerts you’ll at least see activity for large transactions and can react very quickly to recover any lost money. Check out my blog about using credit vs. debit at checkout to further reduce the risk of financial compromise.
Last but not least, make sure you file your taxes on time. With the information that may have been stolen anyone could file a tax return for you. It is easy for criminals to craft fictitious tax returns in the hopes that they will receive a refund check, leaving you holding the bag at tax time for any money paid out. There are safeguards set in place at the IRS and state levels to ensure proper handling of all tax returns, but there is always the risk that something slips through the cracks. In the perfect storm of identity theft a criminal may have everything they need to file a legitimate tax return for you and direct any refunds to their accounts. If you do fall victim to fraudulent tax reporting then you should consult with your tax advisor (or find one if you are a self-preparer) to help you address the issue. Even if you don’t meet the minimum requirements to file you should still file a tax return annually.
Criminals are becoming more sophisticated with how they steal from others. The above steps are a starting point; however, they may not be all encompassing since everybody’s situation is different). I would urge anyone who feels they have fallen victim to a data breach to do what they can to protect themselves. Feel free to post any other tips in the comments section below!