Millions of Americans are being impacted by two Category 5 disasters- Hurricane Irma and the Equifax data breach!! Certainly, we’re all watching Irma spread through FL and beyond, and our hearts and prayers are with all those in Irma’s path. But don’t discount the Equifax high-tech heist as something small. Last Thursday, Equifax announced that personal and confidential information for 143 million Americans were breached. This included names, social security numbers, birth dates, addresses and, in some instances, driver’s license numbers and other information.
This epic breach is a really big deal and a great concern. Equifax, Experian and Transunion warehouse the most intimate details of Americans’ financial lives, from credit cards to medical bills. Once security is breached, the hackers typically sell the stolen information to sophisticated identity thieves. Last year, 15.4 million Americans were victims of identity theft, which totaled $16 billion. In most cases, the money was recovered, but only after a tremendous amount of time, money and stress. One man said the thieves so ruined his credit that he was unable to secure a needed mortgage refinance. One lady’s social security number was used by others to file her income taxes and get a refund before she even filed her own return. It took her over a year to get it straight with the IRS. In the first half of 2017, there were a record 791 data breaches in the U.S., up 29% from last year. Victims have recounted what a terrifying experience it is to have your identity stolen. “You’re worried about the tremendous implications this could have and the possibility of it going on for years.”
Here’s the really bad part of the Equifax breach. We now know that the breach occurred six weeks ago, July 29th. The hackers probably sold the information shortly thereafter. We’ve likely all been compromised for six weeks and we didn’t know it. Equifax is now under investigation for the breach and their lack of transparency by Congress, New York’s attorney general and the Consumer Financial Protection Bureau. If you call Equifax, it’s another frustration. Their “hot line” is staffed with people who really can’t tell you if your information was taken or not. You should assume that it was. Ouch!!
It’s time for us to play defense. Step one- put a credit freeze on all three reporting services immediately. It’s your only hope. A credit freeze prevents existing creditors and new creditors from using your information. It prevents new accounts being opened in your name. When you contact the sites listed below you will receive a PIN that allows you to temporarily lift or “thaw” your freeze. Put that number in a very safe place (see below). Yes, you may be delayed a day or two to get your information released when you need to apply for new credit, but that’s a small problem compared to potential identity theft.
Here are the sites:
Equifax - https://www.freeze.equifax.com/Freeze/jsp/SFF_PersonalIDInfo.jsp
Experian - https://www.experian.com/freeze/center.html
TransUnion - https://freeze.transunion.com/sf/securityFreeze/landingPage.jsp
I froze Elise's and my accounts yesterday in about 20 minutes.
Step two-you need to create strong passwords and store them in a secure spot. The bad guys may have two pieces of information, your social security number (which you don’t want to change) and your address. Don’t help them with the next step by having weak passwords.
Updating your passwords will take some time. Focus first on the key ones; your credit cards, financial institutions, and key retailers like Amazon and Apple; anywhere there is money or where thieves could get merchandise or services. If a site offers additional security with a two-factor authentication, enable it. Once you’ve got the key sites, start knocking out the others.
You should use a password manager like 1Password or LastPass. It’s always important to update your password every so often. These sites create a unique random number password for every website you visit and stores them in a database that you create. This makes it much more difficult for the thieves to decode your password. Further, these are great places for all of your passwords and your PINs. Of course, you need to keep your master password in a special spot and share that with your spouse and/or another trusted person.
No question, this is a real pain!! But, the alternative is possible identity theft which could be a 100 times worse. We live in an age of Big Data. We have all allowed the emergence of huge detailed databases full of information about us. Technology allows financial companies, tech companies, medical organizations, advertisers, insurers, retailers, the government, and even hackers to maintain and access this information. Unfortunately, companies like Equifax are only lightly regulated and there’s not much punishment for breaches. Hence, breaches will keep happening. Even with new technology, like Apple’s new iPhone8 which includes face recognition to unlock it, the consumer credit bureaus are not going away anytime soon.
Please do yourself a favor and freeze your credit, change your passwords and store everything securely this week. The process will certainly feel like more than an “ounce” of prevention, but if it saves you from identity theft, it will be far more than a “pound” of cure.