What You Should Know About the Equifax Data Breach

Last week the credit monitoring service Equifax announced that their database had been hacked and that the personal information of over 140 million individuals had been exposed. This breach poses a credible threat of identity theft for anyone whose information was stolen. According to CNET, the information included: birth dates, social security numbers, account numbers, and some driver's license information.

Besides identity theft, you should be aware of the following threats:

• Phishing emails that claim to be from Equifax where you can check if your data was compromised;
• Phishing emails that claim there is a problem with a credit card, your credit record, or other personal financial information;
• Calls from scammers claiming to be from your bank or credit union; and
• Fraudulent charges on any credit card due to identity theft.

Here are steps you should consider taking now to protect yourself against identity theft, whether or not you have been affected by this breach:

1) Find out if you have been compromised. Contact Equifax at the following web address: www.equifaxsecurity2017.com/enroll/. Click on the link at the top that reads "To enroll in complimentary identity theft protection and credit file monitoring, click here." You will be asked for your last name and the last six digits of your Social Security Number. The site will indicate whether it is likely that you were affected by the breach. From there, you will be directed to a site to enroll in one year of complimentary credit monitoring. Because of high demand, you may have to wait several days before you can actually enroll.

Note, Equifax's offer does not include resolution in case of identity theft. Also note that Equifax's offer only lasts one year. Your birthdate and social security number will still be valid a year from now, so this step only temporarily mitigates the risk. Equifax's offer ends November 21, 2017.

2) Enroll in a credit monitoring service. There are free options for monitoring your credit report through the credit bureaus Experian, Equifax, and TransUnion. Other sites such as CreditKarma, will also provide free credit monitoring. If you want identity theft resolution, more robust monitoring, or the ability to freeze your credit, you will likely need to enroll in a monthly subscription service. Choose a service that also offers identity theft resolution services, which operate as an insurance policy against identity theft. Some credit cards--such as MasterCard and Discover--offer free identity theft resolution services.

3) Set up a free 90-day fraud alert. You may also contact one or all of the credit bureaus in order to set up a fraud alert on your account. This will require any lender opening an account on your behalf to verify your account. Keep in mind that fraud alerts must be renewed every 90 days. You only need to contact one reporting agency as they are legally obligated to share that alert with the others.

4) Implement a credit freeze. More powerful than a fraud alert, a credit freeze prevents any business from checking your credit report while it is frozen. If you do not plan on opening credit cards or applying for a mortgage in the near future, this may be a viable option. Your credit account may be "unfrozen" by using a PIN number. Both the "freezing" and "thawing" processes entail a fee that can range as high as $10 each, depending on your state of residence. Advice for how to file a freeze is available here on a state-by-state basis: http://consumersunion.org/research/security-freeze/

5) Monitor your credit statements. Notify the lender immediately if any fraudulent charges appear.

6) Change all passwords. Immediately change all passwords for banking and credit accounts. You should not merely update the last character, but instead create new passwords which are not tied to other accounts. The National Institute of Standards and Technology now recommends using a phrase or word combination that is easy for you to remember.

7) Use Secure Networks. Public wireless networks are some of the easiest targets for hackers. Only use a secured network when accessing any banking, investment, or shopping sites.

Other Resources. The FTC provides free guidance on Identity Theft Recovery at their site https://identitytheft.gov/. In addition, your credit card company is very likely to offer free credit monitoring for a limited time. The Identity Theft Resource Center http://www.idtheftcenter.org/ is a good resource if you believe you have been a victim of identity theft.

Identity theft is one of the fastest growing global criminal threats. At this time, the only way we can stop it is by being diligent. If your data has not been stolen it likely will be soon. Following these steps can help you avoid becoming the next victim.

IMPORTANT DISCLOSURES