By this point, it is news to no one that Equifax was hacked resulting in the personal and financial information of millions of people to fall into the wrong hands.
According to reports, some 143 million Americans have had personal and/or financial information compromised by this breach. Equifax has given access to a database in which you can cross-check your information against what they have to potentially determine if your information may have been stolen.
There have been reports that this database may not be completely accurate. Bogus names and made up social security numbers are being entered and returning positive results.
So, I wouldn’t necessarily trust this as assurance that you have, or have not, been comprised. Also, there’s something about typing in most of my social security number in a webpage run by a company that recently had a massive data breach which just feels uncomfortable.
From what I have read, this hack potentially affects everyone that Equifax has a file on – So, most American adults. Unless you have never had a credit check run against you, meaning you don’t have a credit card, never applied for a home or car loan, and have not opened a cell phone account, you are almost assuredly included in the breach.
I am recommending that clients just assume their data has been compromised and begin taking identity protection steps.
Unfortunately, there is no ironclad way to give yourself 100% protection against identity theft in a situation like this. If someone is committed to stealing your specific identity, they probably will, regardless of any preventative actions you might take.
However, given the scale of this breach, making yourself a more difficult target may result in criminals simply moving on to easier prey.
Think of it like this, if a burglar is walking through a parking lot, looking to break into cars, they will lift cardoor handles and move on if the car is locked to try and find one that is unlocked. So, for this analogy, let’s make sure we lock our doors.
The other item I want to prepare clients for is that it may take years for ill-effects from this hack to bear out. With 143 million options at their disposal, it’s actually pretty unlikely that criminals will go after your accounts tomorrow.
It may be months or years (but hopefully never) before there is an attempt made at stealing your identity. This means that you can’t really just take short-term actions. Your vigilance will be required, pretty much indefinitely, from this point on.
Equifax has offered to provide one year of free credit monitoring through their proprietary product, TrustedID Premier. Initially, there were concerns that signing up for this service would disqualify you for potential legal action against Equifax in the future.
This is no longer the case. Equifax has clarified their language that signing up for this free year of service will not waive your right to legal action or arbitration.
If Equifax has, understandably, left a bad taste in your mouth and you choose not to use their service, there are plenty of other identity theft protection services available, albeit for a fee.
I would encourage clients to employ some sort of identity protection service. They are not guarantees against theft, but should help combat some intrusions of your identity.
The glaring problem to me with the one-year, free service is that, as I mentioned above, it may be much longer than a year before someone attempts to use your information illegally.
First of all, yes, there are four credit reporting agencies, not three. This includes lesser known Innovis. It stands to reason that with this breach, credit inquires may more regularly include Innovis since creditors may be less likely to employ Equifax going forward.
A credit freeze restricts the credit reporting agencies from providing potential creditors with your current credit report. If a creditor cannot see your credit report, they are unlikely to grant someone posing as you, a new line of credit.
Credit freezes are easy to set up by either calling or going to the websites of each of the credit reporting agencies (Equifax, TransUnion, Experian, and Innovis). Depending on the state you live in, there may be a small fee to place, modify, or remove a freeze.
The drawbacks of a credit freeze are two-fold:
1. It makes your life a bit more difficult. Anytime you want to do anything that includes a credit check, you need to unfreeze your account beforehand. On its own, this isn’t a big deal. However, most people don’t always remember to unfreeze their credit or don’t realize an action may require a credit hit.
Things like changing a cell phone plan, applying for a job, or even switching cable providers may require a credit check. Losing out on a potential new job because of a freeze on your credit will be a rough experience.
2. A freeze does not protect your existing accounts being abused or from new lines of credit being opened with creditors you already use. So, this does nothing to prevent fraudulent charges on your existing credit cards.
It also does not prevent a new credit card from being opened in your name at an institution where you already have an account. One item I believe may be still vulnerable with a freeze is someone purchasing a cell phone or cell plan at the provider you currently use. Check your cell phone accounts regularly.
This is a less extreme version of a credit freeze, though quite a bit less protective. A fraud alert will cause the credit reporting agencies to require more detailed identity verification from creditors before releasing your credit report. In theory, this will make it harder for fraudulent accounts to be opened in your name.
Given the types of information that may have been stolen from Equifax, a fraud alert may not actually hinder criminals trying to use your information at all. However, there should not be a charge to set up fraud alerts, so this is a worthwhile step to take regardless of its efficacy.
Ultimately, the onus for identity security will fall on you. If you don’t already, it is time to begin regular and frequent monitoring of your accounts. Log in to check your credit card and bank activity at least weekly.
Carefully review purchases and withdrawals to ensure that all transactions were actually made by you. Monitor other accounts like your cell phone plan and cable subscription, as well.
Beware of phishing scams. Don’t click on random links in emails from senders you aren’t expecting or used to emails from. I am prepared to begin receiving a torrent of email scammers posing as
Equifax trying to get clicks on harmful links. Do not engage with these emails. Equifax is using physical mail to communicate if you are affected by this hack.
While I don’t necessarily recommend clients do this, I am a subscriber to Credit Karma. Through this service, I am able to access what Equifax and TransUnion are reporting about my credit whenever I’m curious.
If you do choose to use Credit Karma, be warned that you are required to give them all of your personal and financial information. As we just learned, it might not be the best idea to let a company have your information. They also bombard you with ads. Consider employing a service like this with care.
Even with the utmost diligence, you may still be victimized by this data breach. But, by taking proactive steps, you can reduce the odds of being affected. Unfortunately, this is the best that can be done.
This is the consequence of our inter-connected, digital world. Importantly, if you are a client and do detect fraud, please contact us immediately so that we can secure your financial accounts at Ferguson-Johnson Wealth Management. We take our clients’ protection extremely seriously.