white laptop with red background and hacker logos

How to Minimize the Impact of the Equifax Data Disaster

Privacy and Security
September 27, 2017
Beth Stewart

If you’re a registered voter or have a credit card, it’s very likely that you have had your personal data stolen within the past six months.

There were 791,820,040 identities stolen in the United States alone in 2016.  Between the last half of 2016 and the first half of 2017 the number of reported data breaches increased 13 percent and the number of data records lost or stolen during that time increased 164%. Unfortunately, this isn’t even the whole story when it comes to records; more than 500 of the reported data breaches had an unknown or unreported number for compromised records. 

The scary part is these statistics do not include the recent Equifax breach, which compromised personal data of 143 million consumers, 209,000 credit card numbers and 182,000 dispute documents with personal identifying information.

When a credit card number is stolen, it is relatively easy to shut down the compromised card and get a new one.  The data compromised in the Equifax breach included birthdates, addresses, driver’s license numbers and social security numbers - information that is forever valuable and that can be used to create a new “you”.

Unlike a credit card that can be cancelled with a quick phone call, in five years your social security number will be the same. That nine-digit number is the gateway to your financial ties, tax records, credit rating and employment history.  It’s also used as interconnected identification and treated as an authenticator to make sure you are who you say you are.

With this data cybercriminals have opened the door for total identity theft and unfortunately, protection from the long-term effects of this breach falls to the consumer - so what can you do?

‍Prepare yourself; this will happen again
  • ‍Assume your information was compromised and that you will be affected
  • Change the log in information and passwords of any accounts connected to or that could be affected by the breach.  If the username/password has been used on other sites, change those also.  For details and information about creating stronger passwords check out our blog post about the recent changes to the NIST Password Guidelines.
  • Obtain a copy of your credit report from all three reporting agencies (Equifax, Experian and TransUnion) to check for unusual activity, especially over the past four months.  You are entitled to free copies of your reports once every 12 months via the annualcreditreport.com site. CreditCards.com provides a great interactive credit report sample with a walkthrough of the most common elements that appear in each of the three credit bureau reports, as well as a link to a free annual credit report from TransUnion. 
  • ‍Check and monitor credit card accounts, bank accounts, as well as hotel and airline loyalty accounts for suspicious activity and fraudulent charges. 
  • Place a free fraud alert on your credit file with one of the three reporting agencies.  This is a renewable, 90 day alert requires lenders to verify your identity before issuing credit and notifies you when anyone opens a new account in your name.  Only one of the three bureaus needs to be notified for a fraud alert (whichever bureau you contact is required to notify the other two.)  Victims of identity theft can request an Extended Fraud Alert, which lasts 7 years.
  • ‍Consider freezing your credit.  Placing a freeze on your credit file prevents anyone (including you) from applying for credit until the freeze is unlocked by you.  A freeze also prevents anyone from viewing or making changes to your credit report.  You must contact EquifaxTransUnion and Experian individually to place a freeze and set up your personal identification number (PIN), which allows you to temporarily lift, replace or remove the freeze. In South Carolina there are no fees to place or remove a freeze.  For North Carolina residents, the fees can vary depending on the credit bureau, consumer age and if the protected customer has been a victim of ID theft.
  • ‍ File your taxes early! Having monitoring or a credit freeze in place does not prevent tax related identity theft, which is already on the IRS’ Dirty Dozen List.  Unfortunately, the protections the IRS currently has in place (filing an identity-theft affidavit or obtaining a filing PIN) are only available for victims of tax-related identity theft.  Having your Social Security Number exposed in a data breach is not enough.
  • ‍Monitor your tax record.  The IRS offers online access to tax records so taxpayers can view the details of their tax accounts. If someone files a return in your name you will be able to take action quickly.
  • ‍Watch out for phishing, phone and other scams that claim to be connected to the breach or updates from Equifax.  Equifax will be sending paper mail to those impacted by the breach - they will not contact you directly by phone or e-mail.
  • If you discover you have been a victim of identity theft, you should file a report online with Federal Trade Commission or contact them by phone at 877-438-4338.  The FTC advises victims to also alert local law enforcement with the following items:  Copy of your FTC identity theft reportProof of address such as a utility billGovernment-issued ID with a photo and any other proof such as a bill or IRS notice.

The FTC will also provide you with the Federal Trade Commission Memo to Law Enforcement to turn in along with your other information.

pivotal it watermark black text blue IT services

Unauthorized use and/or duplication of this material without express and written permission from Pivotal IT is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to Pivotal IT with appropriate and specific direction to the original content

more articles
Local Call Spam? Here's How to Block Robocalls on Landline and Mobile
Robocallers and scammers disguise their actual phone numbers with fake numbers that appear to be local - in the hopes that you will pick up the phone. In this blog post we'll walk you through blocking spam calls and provide you with best practices for dealing with robocalls and phone scams.
Privacy and Security
June 14, 2018
Spartan High Cyber Vikings
Introduced in 2009, the U.S. Air Force Association's Cyber Patriot program was designed to address a critical need: Drawing more students to education and careers in cybersecurity and other (STEM) fields.
Privacy and Security
November 28, 2017
2017 NIST Guidelines Revamp Obsolete Password Rules
The 2017 NIST Digital Identity Guidelines show a shift in strategy regarding complex password requirements in an effort to make it easier for users to create better passwords.
Privacy and Security
August 22, 2017