What To Do About The Equifax Breach

What To Do About The Equifax Breach

As you probably have heard, nearly half of all Americans have had their most sensitive personal data stolen from Equifax, one of the country’s three credit reporting bureaus.  This is the biggest single data breach in American history, and we should all be very concerned about this situation.  Here are my immediate observations and suggestions, which are likely to evolve over time as the situation becomes clearer.

Here are just a few of the fraudulent activities for which you may be at risk:

  • Fraudulent purchases made using your existing credit cards.
  • Fake credit card accounts taken out in your name.
  • Mortgages or loans taken out in your name.
  • Your tax returns becoming hijacked.

The fact is, at this point in time we just don’t know what all the possible negative consequences might be.  But one thing is certain.  Equifax has clearly demonstrated that they are unworthy stewards of our personal data, this being their third (and worst) hack in the last two years.  Adding insult to injury, the company is offering only one year of free credit monitoring, knowing full well that the kind of data that was stolen typically takes many years to surface.  Given their track record, I would recommend avoiding all contact with Equifax.  That means not signing up for any of their services, free or otherwise.

So what should you do about this situation?

First, at a minimum, you should carefully review every credit card statement for any fraudulent purchases.   Card issuers have become pretty adept at spotting unusual purchases, and more likely than not will contact you first if they suspect something.  Nonetheless, make the effort to verify the activity yourself every month if you don’t already do so.

Next, you should get copies of your latest credit reports through www.annualcreditreport.com and review them carefully for any errors or any fraudulent activity.  You can get three free reports each year, one from each of the three credit bureaus (Equifax, Experian, and TransUnion).  If you request one from a different company every four months, you will maximize the value of this free monitoring capability.

You additionally have the choice of signing up for credit fraud alert monitoring or taking the stronger step of putting on a credit freeze at any or all of the credit reporting agencies.  Whether or not to take either of these actions depends on your personal risk tolerance.  I wouldn’t pick Equifax even if it’s free.  You can find out the benefits at any of their websites.  The downside, besides the cost, is that alert monitoring could result in your being inundated with a lot of warnings that are not especially serious.  And a credit freeze does involve some degree of hassle, both in setting it up and in temporarily removing it whenever you wish to open up any new accounts for you or your family.

Lastly, make sure your email account is highly secure.  That’s because the warnings from the various monitoring activities you may be undertaking are typically sent via email.  You need to make sure you actually receive such messages, not have them be intercepted (or even seen) by hackers.  Your email account password should include upper & lower case letters, numbers, and special characters.  If your service provider offers two-factor authentication (i.e. texting you before making changes to your password or other personal information), be sure to take advantage of that as well.

Unfortunately, none of the above steps will help you address any IRS, Medicare, or Social Security fraud of which you may become a victim.  You might consider writing to your congressional representatives to urge them to take steps to make it easier in the future to identify and recover from identity theft involving federal agencies.

On the positive side, even if your personal information has been compromised, that doesn’t mean you will become an identity theft victim.  But you will need to remain vigilant for a pretty long time before the dust settles after a data protection failure of this magnitude.

Here is the contact information for the three major credit reporting agencies:


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.