Equifax, an international credit reporting agency, announced on Thursday, September 7th that a cybersecurity breach exposed the personal information of 143 million U.S. consumers. Although it was just recently announced, the breach was uncovered two months prior and for a span of roughly two months, from mid-May through July 29, hackers had access to information. They were able to obtain consumers’ names, Social Security numbers, birth dates, addresses and, in some cases, driver’s license numbers as well as the credit card numbers of about 209,000 consumers and specific dispute documents with personal identifying information of about 182,000.
The data obtained by the hackers can be enough to steal the identities of people whose credentials were stolen through no fault of their own, potentially wreaking havoc on their lives. Equifax stated that its core credit-reporting databases don’t appear to have been breached.
In the statement released Thursday, Equifax acknowledged that “criminals exploited a U.S. website application vulnerability to gain access to certain files.” This has the potential to impact 44 percent of the U.S. population which were Equifax customers. According to the Equifax website, they handle the data of more than 820 million people and more than 91 million businesses worldwide. With this many American consumers and businesses affected, not including Canada and the U.K., what is more discerning is that Equifax has not explained why more than two months passed before they even discovered the hack.
Now What Can Customers Do To Protect Themselves?
#1 Consider enrolling in Trusted ID
Trusted ID, Equifax’s identity protection program, is free and being offered to anyone who wants to enroll. Trusted ID was created to help prevent identity theft and tampering of your credit. You can sign up for the program, but be aware the system that informs you whether or not you were hacked may be broken. If you opt to enroll in the program, you are waiving your ability to participate in a class-action lawsuit against Trusted ID. However, it does not prevent you from participating in lawsuits related to the cyber attack.
#2 Check your credit reports
At this point, it has been 3 months since the hack and it has not been determined whose data may have affected during that time. You should take the time to go through your credit reports and look for any suspicious activity. The US government guarantees everyone a free annual credit report from the three major bureaus, Equifax, Experian and TransUnion.
Look for any new credit including loans, credit cards or reopening of closed lines of credit. If you see anything suspicious, contact the credit card company’s fraud department immediately. You will not be responsible for charges made on a fraudulent card, but you need to report the activity in a timely manner.
#3 Freeze your credit
You can place a “credit freeze” on your credit to avoid anyone opening lines of credit in your name. All you have to do is call the credit bureaus and have them freeze your credit and they will provide you with a PIN. When you want to apply for credit, you will need to call to unfreeze your account and provide the PIN you got when you froze your credit. Keep your PIN in a secure place!
To freeze your credit, contact each of the credit bureaus using these phone numbers:
- Equifax: 1-800-349-9960
- Experian: 1‑888‑397‑3742
- TransUnion: 1-888-909-8872
#4 Set up a fraud alert
If you set up a fraud alert, credit card companies will be required to verify your identity before opening an account. This is just another way to prevent identity theft.
That, combined with the credit freeze, is a great way to keep your credit secure.
To set a fraud alert, you only need to call one of the credit card bureaus and ask for an initial fraud alert. Once the alert is set, it will only last 90 days. You will have to call back and renew it.
To set a fraud alert call one of the credit bureaus:
- Equifax: 1-888-766-0008
- Experian: 1-888-397-3742
- TransUnion: 1-800-680-7289
At this point, you may want to assume your information was hacked. Although this was not the largest data breach in history (Yahoo, wins that title when it announced that the personal information of at least 500 million people had been stolen nearly a year ago), the Equifax data breach can impact you so take the necessary precautions to reduce your risk of identity theft.