Thursday’s shocking news that Equifax — one of the big three credit reporting agencies — fell victim to a massive data breach is expected to impact nearly half of American consumers. Compromised data included Social Security numbers and credit cards.
That’s the bad news. The good news is you can do something about it.
Equifax is offering free credit monitoring for a year, but to get it means entering the last six (not the usual four) digits of your SSN. If like me you’re skittish about entering more private data at a hacked site, consider these credit-protection tips commonly advised by financial experts:
1. Check your credit report at Annualcreditreport.com. They’re free once per year from each of the three credit reporting companies (TransUnion, Equifax, and Experian). Check for unfamiliar accounts, and anything unusual in credit balances, personal, and account information. I once found a name on my credit card, along with a rental history, that didn’t belong there.
This may be overdoing it, but if you’re especially concerned about fraudulent borrowing, you can “freeze” credit reports. This prevents anyone else from accessing them, including (so consider carefully) legitimate inquiries such as from banks or insurers.
2. Check bank and card statements for suspicious charges. This should be a semiweekly habit anyway, breach notwithstanding. Months could pass before stolen information is actually used. Report anything wrong and formally dispute unauthorized charges. Cancel any compromised account and get a new card. You can also ask to have potentially fraudulent items “suppressed,” which means it won’t appear to anyone looking at the report.
3. Check internet
subscriptions. This means sites and services linked to your bank or cards, such as Netflix, Amazon, software, and music sites. Inventory them (handy when time to enter new card information), consider changing passwords, and check purchases. Just don’t leave inventory with usernames and passwords (nor, obviously, card numbers) on your phone. You’ll regret it if the phone is lost or stolen.
4. Use two-factor authentication. Take advantage of sites that offer an extra layer of protection, i.e., texting a code to your cellphone for account access.
5. Don’t answer unsolicited requests for information, however compelling. Never provide personal information — financial, identifying, phone, or email address — to anyone unknown, or if unasked for. It’s probably spam or fraud, especially given the recent data breach.
For a step-by-step guide to repairing stolen identity, see Identitytheft.gov.
• • •
Sholeh Patrick is a columnist for the Hagadone News Network. Contact her at Sholeh@cdapress.com.