Data breaches are a constant concern in our modern society. As the latest in a long string of data breaches, Equifax recently announced they were the target of a cyberattack in which the sensitive information of nearly half of all Americans was compromised. You can follow this link to see if you’re one of the 143 million potentially impacted.
In addition, our Director of Financial Planning, Rob Cordeau, has put together a helpful piece on how you can prevent identity theft, what options you have for monitoring your credit, and what to do if you discover you’re a victim. While this was inspired by the Equifax breach, these are smart living tips for everyone to live by in this digital age.
In the past, it seemed the biggest threat to our personal information was our own ignorance. Maybe we fell for a scam and gave out personal data or failed to use a strong password – or worse – we used the same, weak password for everything.
Lately, however, the most likely cause of your personal information finding its way into a hacker’s grubby little hands seems to be not your own mistakes, but the corporate blunders of previously trusted companies. Massive corporate data breaches are becoming so commonplace that incidents involving millions of victims are no longer the top story on the evening news.
How Can I Prevent My Data From Being Exposed?
The short answer is, you can’t. Even the most cautious and prudent approach regarding sensitive information can be derailed by a hack at a major retailer, website, or even a credit reporting agency – poof, there goes all your hard work (not to mention that protective little bubble you thought you had placed around your Social Security number and date of birth).
However, you can – and should – take precautionary steps to reduce the possibility of identity theft. For instance:
- Shred all sensitive documents, credit card offers, expired cards, etc.
- Use complex passwords
- Never give your sensitive information to unsolicited phone callers
- Install anti-virus and anti-malware software on your computers
- Enable security features on mobile devices
- Exercise caution in clicking links and opening attachments on emails
- Don’t submit sensitive data while using non-secured, public wifi
- If you don’t have a PO Box or locked mailbox, collect mail promptly and suspend it while you’re away
- Be prudent in deciding how much information to disclose on social media
Even if you choose to avoid credit cards and electronic transactions in an attempt to play it safe, you’re still not immune. Remember, a thief who has your identity from a corporate breach can open up new cards in your name.
Since basically everyone is exposed to this risk, it’s prudent to focus on not only preventive measures, but also on a proactive monitoring strategy that will provide you with early detection when there is a breach or other unauthorized use of your identity. You’ll notice I used the word “when” and not “if.” Breaches have become so ubiquitous, that we are operating under the assumption that if your data isn’t already out there, it will be at some point.
Credit Monitoring
The following are some steps you can take to better monitor your credit and make it easier to deal with those inevitable breaches:
- Review bank and credit card statements for unauthorized transactions
- Choose to use credit rather than debit if your card has both options – credit cards enjoy greater federal protections in the event of fraudulent activity
- Review your credit report regularly. This can be done either manually or via a credit monitoring service.
Self-Monitoring vs. Using A Credit Monitoring Service
You can review your credit on your own at very little to no cost. You have a legal right to request a free credit report from each of the three credit reporting agencies: Transunion, Experian, and Equifax (although I understand if that last option leaves you feeling a little uneasy. Just visit this website: www.annualcreditreport.com, or call: (877) 322-8228.
Some people choose to stagger these three free reports per year by obtaining one every four months to maintain a semi-regular “check-in” on their credit file. The drawback here is that a lot can happen in four months. In fact, some creditors will only pull your credit file from one of the three agencies, so depending on which agency was used by the creditor used by the identity thief, and when you last pulled your own credit report, you could be looking at a lag of months before you find out about the damage – and a lot of damage can be done to your credit during that period.
Credit monitoring services, on the other hand, typically scour all three of the credit reporting agencies daily for notification of new accounts or suspicious activity. We won’t review all of these services for you, but most of them offer email or text notifications, periodic credit reports, and customer support. Other features vary from service to service, like mobile apps; access to credit scores; court record monitoring; medical ID fraud detection; black market website monitoring; change of address alerts; lost wallet assistance; etc.
Credit monitoring services tend to charge between $15 and $30 per person per month for their services. So, this isn’t exactly cheap, especially if your family consists of four or five people. And remember, it doesn’t prevent the theft, it just informs you when it happens so you can lock things down that much quicker.
It’s up to you which approach to take. Just avoid the hands-off approach of never looking at your own credit reports.
What If I’ve Been The Victim of a Breach?
Here are some steps you may want to take if you discover you’ve been a victim:
1. Immediately contact the institution that was directly involved. If your credit card was stolen, you’d want to call that card issuer as soon as possible. If it was tax fraud, contact the IRS. If the fraud involved a change of address, contact the postal service. If your Social Security number was stolen, inform the Social Security Administration, and so forth.
2. Place a “fraud alert” on your credit report. A fraud alert forces lenders and creditors to take extra steps to verify your identity. Filing the alert entitles you to a free credit report, which you can review for errors and fraudulent activity. The alert remains in place for ninety days. You only need to notify one of the three credit reporting agencies, and they will notify the other two for you:
- experian.com or (888) 397-3742
- transunion.com or (888) 909-8872
- equifax.com or (888) 766-0008
3. Place a credit freeze on your account. This essentially locks down your credit, requiring more steps from you to temporarily lift the freeze if you want to open up a credit account. You need to notify each of the three agencies to initiate or lift a freeze. And, although anyone who is a victim of identity theft can initiate a freeze, certain states will not allow you to place a freeze on your account if you have not been a victim of identity theft.
4. Notify the Federal Trade Commission either online or via their identity theft hotline at: (877) ID THEFT (877-438-4338)
5. File a police report in your local town or city.
And don’t forget to let your financial advisor know what’s happening – he or she can be a wealth of information and provide you with guidance as you work your way through the credit restoration process.
