The massive computer hack of Equifax, one of the three largest US credit reporting agencies, exposed the Social Security numbers, names, and contact information for up to 143 million of us. How should you respond? A lot of conflicting advice is floating around; here is what I am doing and what I would recommend:
1. Go to EquifaxSecurity2017.com and enter your last name and the last six digits of your Social Security number to find out whether you are one of those potentially affected by the breach. There is a question on how accurate this is; one person entered their name as “test” and number as 123456, and was told they were affected by the breach.
3. Monitor your bank accounts, credit card statements, and other financial information carefully for the next year. Immediately report any suspicious transactions.
4. Do not rush out and buy identity theft insurance. The big winners out of this mess will be insurance companies that sell this protection, as millions will take out new policies. I do not plan to be one of them, as my opinion that identity theft insurance is of limited value has not changed.
5. If a check of your Social Security number through Equifax’s website shows your information has potentially been compromised, you could consider canceling credit cards or closing bank accounts that may not protect you against fraud. However, most major credit cards and financial institutions will cover successful fraudulent attempts to use your account.
6. Consider placing a free fraud alert on your account with the three major credit bureaus to warn creditors to verify your identity before issuing credit in your name. If you contact one agency, it is required to notify the others. You can also put a freeze on your credit, which blocks anyone (including you) from accessing your credit reports without your permission.
7. Unfortunately, one of the best actions to take is one that none of us can easily do: change our Social Security numbers. It is possible to change one as a result of identity theft, but the application process requires evidence of serious ongoing problems.
8. Consider contacting your Senators and Representatives to raise the issue of whether it’s time to discuss more flexibility around Social Security numbers. The good news is that elected officials may well be among the millions of us in this boat.
While Equifax has handled this debacle poorly (it took them a month to disclose it), they are not the only company that will suffer serious consequences. I see banks and credit card companies, who ultimately pay the tab for identity theft, as the biggest losers.
This data breach potentially involves many people who have followed recommended strategies, such as using strong online passwords and guarding credit cards and account numbers, to protect against identity theft. I recommend following the Equifax story as it unfolds in the media, as it may have an impact on how you should safeguard your data in the future.