Think Your ID was Exposed in the Equifax Breach? Here's What to do About it

September 13, 2017
icon
icon
icon
29_National_Stop_Bullying_Day_How_Can_You_Do_Your_Part_1b30dfe9a2.avif

We pride ourselves on being a leader in managing and protecting data….We also are focused on consumer protection”
These are the ironic words of Equifax CEO Rick Smith in his statement explaining that his company, which collects, reviews and holds records on more than 800 million Americans, had been breached. On September 7th, the company disclosed that they had been breached on July 29th and the records of more than 143 million Americans, along with some 44 million Brits and Canadians, had been stolen from their databases.
Never heard of Equifax? Well, considering that it’s one of the three largest credit reporting agencies in the US, if you have ever applied for a credit card, there is a pretty good chance that they have information about you stored in their database. Initial reports show that social security numbers are at the highest risk for exposure, but also exposed were driver’s licenses, dates of birth, addresses, and in the very worst scenarios, credit card numbers. It also seems that PINs may have been exposed. This information can, and most likely will, be sold on the dark web where attackers will use it to open new credit card accounts, apply for loans and commit all other sorts of ID fraud.
Exquifax’s Many, Many Misteps
What’s being called the “most economically damaging hack in US history” is also becoming one of the worst handled breaches too.
First off, it took the company an unacceptable 6 weeks to disclose that there had been an incident. Then, just days after the breach was found, three top execs sold huge shares of company stocks. They claim they had “no idea” regarding the incident, but that’s just a bit hard to swallow.
Once they announced the breach, their next misstep was providing consumers with an online security check tool. Users were instructed to enter some information and the tool was supposed to accurately determine if their information had been involved in the breach. In theory, that is. The “security check” was entirely dysfunctional right from the start; curious users put in false information only to be told that their fake identity had been breached. Oh, by the way, the information required by the security check to check if the user’s information was exposed? The last 6 digits of his or her social security number, which is ironic for a company that couldn’t keep that same info secure.
Lastly, the company is providing anyone who signs up one free year’s worth of identity protection. That’s nice, but after the first year, you’ll have to start to pay for the service. Considering that typical fallout from a data breach like this lasts a lifetime, one year is pathetically inadequate and moreover, Equifax just turned this huge misfortune into a business opportunity.
What the Equifax Debacle Means for You
With the scope of the breach and the horribly executed disclosure, security experts are advising every adult in the US to assume that their own data has been exposed. Since Equifax has announced that they will not be alerting anyone if they have been exposed even once they have more clarity, there seems to be no way to effectively rule out exposure. This means that from here on in, anyone who cares about their identity must ramp up their awareness where their ID is concerned. Sound complicated? It doesn’t have to be. Here is a primer:

  • Get in the habit of regularly checking your accounts for suspicious transactions. The faster you can alert your credit card company to anything out of the ordinary, the better your chances of fixing it.
  • Freeze your account with the three big credit agencies, Equifax, Experian (which incidentally, was also breached a few years back) and TransUnion, which will prevent attackers from opening lines of credit with your identity. It’s an easy enough, automated process in which you will be given a PIN, which is required to open any new accounts. Just understand that you’ll need to unfreeze your account using your PIN when you do anything that necessitates a credit check, like opening new cards or applying for loans. Be aware,  fees may apply for this service.
  • Alternatively, you can put a credit alert on your card with each credit report company, which means that any lender must alert you when anyone, including (and hopefully only) you, tries to open a new line of credit. This is typically a free service and must be renewed every 90 days.

Unfortunately, the madness doesn’t stop there; hackers use opportunities like this to draw in even more victims using phishing tactics. They may send emails or make calls that claim to be from Equifax, another credit monitoring service or bank to trick you into revealing personal information. You can bet that these calls and emails will be highly personalized because, well, they already know a whole lot about you. So how can you tell a phishing email from a real one? No legitimate company will ever ask you for sensitive information via email or phone call.
On a positive note, state attorney generals around the US are heading up investigations into the breach and how it’s been handled and numerous class action suits are underway. Importantly, if you’re planning on joining in a class action suit, make sure to keep away from the company’s online security check tool, which as part of the terms and conditions, bars users from joining suits against them.
With the flurry of major data breaches that happen almost weekly, protecting your ID is more important than ever. Now is the time to ensure you are prepared with the tools you need to stay secure.

Tags: Uncategorized
icon
icon
icon

Must-Read Articles

01.
What Is The Best Antivirus For HP Laptop Users?
02.
Do You Know How To Scan Zip Files For Viruses And Zip Bombs?
03.
Tired of Being Tracked? How to Stop Being Tracked Online
04.
How Can Hackers Steal Your Social Security Number?
05.
“I Got Scammed On Instagram!” How To Detect An Instagram Scam
06.
Cash App Scams & Fraud: How Can I Protect Myself?
07.
Top Tips For How To Remove Hard Inquiries From Credit Report
08.
"I Got Scammed!" - Does PayPal Refund Money If Scammed?
09.
What Antivirus Does Google Use? Why You Shouldn't Just Rely On Google Virus Protection
10.
Has My Email Been Compromised? 5 Signs It's Been Hacked

Recent Articles

How to Recognize Fake ChatGPT & Fake Domains
What is Web Server Security? Best Secure Practices To Employ
Scams On Facebook Marketplace and How to Safely Sell Online

Discover more

Attacks to critical Infrastructures: the next cyber front to worry about
Fireball – the explosive malware heard ‘Round the World’
WannaCry No More? You Better Start Patching
The amazing mothers of tech
5 Major FinTech Security Concerns You Need to Know About Before You Bank
5 Tricky Tax Season Scams and How to Avoid Them
footer logo
+1 (989) 300-0998support@reasonlabs.com
Company
arrow
Who We AreWhy ReasonLabs?PlatformEventsIndustry RecognitionCareers
Resources
arrow
BlogLabsCyberpediaReportsNewsFAQ’s
Products
arrow
RAV Endpoint ProtectionSafer Web DNS FilteringRAV VPNRAV Managed EDROnline SecurityFamilyKeeper
© 2023 Reason Cybersecurity Ltd.
Product PoliciesPrivacy PolicyTerms & Conditions