By now, I'm sure you've heard that Equifax had a huge data breach, that affected more than 143 million people. This is huge.
This is like 44% of the U.S. population.
The breach was discovered on July 29th, but occurred between mid-May and July 29th, 2017.
Instead of making it public right away, the largest credit reporting agency in the country decided to work with a private security firm to see how it happened.
That means we, consumers, spent about 3 months totally clueless, while 3 top executives decided to start selling off shares of their company stock (insert several side eyes).
What Information Was Compromised?
Personal information such as names, social security numbers, addresses, driver’s license numbers, and roughly 200,000 people had their credit card numbers exposed.
Although, most of the information came from U.S. residents, there are a small percentage of consumers in the U.K and Canada that were affected as well.
Many of you have mentioned to me that you didn’t have any of their services, so you shouldn’t be affected. WRONG!
Remember, Equifax obtains consumer data from credit card companies, banks, retailers, lenders, government entities on a daily basis; so, if you do business with any of these companies; chances are – you are affected.
Also, if you sent a dispute letter to Equifax any time between May – July 29th, guess what? That supporting documentation you sent – driver’s license, state ID, social security card, etc.; – that may have been compromised as well.
Equifax will send mailing notices to those who’s credit cards and dispute information were affected.
What’s disheartening about all of this is that I, a credit educator and professional, recommend Equifax for their credit and identity theft monitoring services! I’m totally in shock right now. The very firm we trust to protect our information, allowed a weak spot in their system to be hacked and put all of us at risk.
So, what do we do now.
Equifax has set up a site, where they are asking us to trust them with our personal information once again. It asks for our last name and last 6 digits of our SSN. I thought the request for 6-digits was interesting because most of their systems ask for 4; this means they need a bit more information to confirm we’re who we say we are (red flag for me; I don’t know about you).
The site will tell you if you may have been affected or not. No, it’s not super clear. In some cases, it doesn’t even tell you if you’ve been affected, it’ll just provide a date of when your free credit monitoring will start. Total Increase the confusion stage (yep, sarcasm).
If you decide to call (866-447-7559); you will not receive any more clarity. Here’s a snapshot of one person’s experience:
*Sigh* So, what’s a Partner (that’s you btw ?) to do?
You can still complete the form and see if you may have been affected; I wouldn’t trust the ‘you may not have been affected’ message, because I doubt they know who may have been affected. Think about it; how often does your SSN, DOB, name, etc. change??? NEVER! They (and you) may not know you’re affected until years from now.
- Place a fraud alert on your credit reports. A fraud alert requires a creditor to verify your identity with the credit bureaus (or you, if you leave a telephone number) prior to opening an account in your name. You can place a fraud alert on your credit online or via telephone:
Equifax: 1-888-766-0008, Experian: 1-888-397-3742, TransUnion: 1-800-680-72892.
- Freeze your reports. If you did get a ‘your information may have been compromised’; freezing your reports will ensure that new lines of credit cannot be opened in your name using your social security number.
Equifax: 1-800-349-9960, Experian: 1‑888‑397‑3742, TransUnion: 1-888-909-8872
- Stalk your financial records. You should check your charges, debits and withdrawals. Simply checking the balance will not do. Check the actual transactions that have occurred for each billing cycle.
- Stalk your credit reports. Freezing your credit reports isn’t foolproof; skilled identity theft ‘professionals’ can still open lines of credit in your name. Do not simply check your credit scores. By then it’ll be too late; check the data! Check the inquiries section, the personal data section for names, different date of birth, multiple social security entries, etc., as well as new accounts that may have been opened in your name.
- Obtain identity theft protection – and keep it! Credit monitoring is all good, however, it simply monitors activities that have already occurred. Identity protection alerts you prior to the event happening. Yes, Equifax is offering one year’s protection for free; however, the effects of the breach will last for YEARS. As I mentioned before; how often does your social security number change? Your name? Your date of birth? Right. Get protection and plan on keeping it for some years.
- Some have opted to cut up their credit cards and request new ones. Better safe than sorry.
- Make A List. I’m sure you’re like me, and pay a TON of your bills using your bank account, debit card or credit card. Make a list of the accounts and services that are linked to which credit cards.
- Change your passwords. While you’re making your list change, all of your passwords to super strong ones that contact capital and lower-case letters, numbers and special characters. Ideally; you want each password to be a bit different from another. The same password means that every account you have can be accessed.
- File taxes early. We’re not sure how much of our data may have been compromised, or how much of it will be misused and by whom. Stolen social security numbers are used to file fraudulent tax returns all the time. File early to avoid this. (IRS left some more tips here).
Hope this helps ?
If you have any further questions, tips or concerns, feel free to post them to our free online community, The Prosperity Club!
~ Netiva, The Frugal CrediTnista