From May through July, hackers exploited a website vulnerability at Equifax, one of the major consumer credit reporting agencies. If you have a credit report, there is a chance your sensitive and personal information including Social Security numbers, birth dates, addresses, and driver’s license numbers, may have fallen into the wrong hands. The stolen information could be used in tandem with passwords taken from other databases to commit financial crimes against you, reported a source cited by Consumer Reports.
Here are seven steps to take to help protect your assets and credit:
Find out if you were affected. From a secure computer or encrypted network connection, go to the Equifax website, www.equifaxsecurity2017.com. Scroll down and click on ‘Potential Impact.’ You will be asked to provide your last name and the last six digits of your Social Security number.
Enroll in TrustedID Premier. If your data has been breached, Equifax will offer enrollment in TrustedID Premier. The program provides up to $1 million in ID theft insurance, Social Security Number Scanning, 3-bureau credit file monitoring, and the option to freeze your Equifax credit report.
Place a fraud alert or credit freeze on your other credit reports. Experian, TransUnion, and Innovis also provide credit reporting services. Contact each of the companies to place an alert or a freeze on your credit report:
A fraud alert warns both current and prospective lenders they must take reasonable steps to verify your identity before providing credit. When you’re a victim of ID theft, an alert can be put in place for up to seven years.
A credit freeze is different. It restricts access to your credit report. If you request a freeze, the credit agency will send a letter with a personal ID number (PIN). Keep the PIN in a safe place. You’ll need it to unfreeze your accounts, according to the Federal Trade Commission.
Change your passwords. Create new passwords for online banking, brokerage, and financial accounts. Each account should have a unique password. Best practices suggest passwords have 12 to 14 characters.
You may want to consider using a password management application. They’re designed to store and retrieve passwords so you can keep track of multiple long, unique password combinations without security issues like storing passwords improperly or failing to remember them.
Activate two-factor authentication. Two-factor authentication provides an additional layer of security for email and other accounts. After you enter your user ID and password, you’ll be asked for a code to verify your identity. You can have the account provider text a code to your phone, although that creates vulnerability if your phone is stolen. A better option may be to download an authenticator app so you can generate your own code.
Beware email links. Some fraud attempts are obvious: text or email from a Nigerian prince or an update request from a financial institution where you don’t have an account. Others may be more difficult to spot. As a rule of thumb, if you receive an email with a link requesting you update or make changes to a financial account, don’t click on it. Call the financial institution or go directly to its website to make any changes.
Keep an eye on your accounts. Check bank, brokerage, and other financial statements for suspicious transactions. If you find unauthorized activity, report it to the institution and the proper authorities.