Check your financial accounts as much as you check Facebook to make sure you weren’t hit by the Equifax hack.
Almost half of Americans may have had their personal information hacked.
Equifax, one of the three major credit reporting agencies in the U.S., revealed Thursday that the Social Security numbers, birth dates, addresses, driver’s license numbers and credit card information of potentially 143 million U.S. consumers may have been accessed by cybercriminals from mid-May through July. The U.S. population stands at just over 325 million, meaning almost half of the country’s most sensitive information could have been compromised.
The credit bureau reported that the criminals exploited a weak point in its website application to access certain files, and that some personal information for British and Canadian residents was also hacked.
“The company has found no evidence of unauthorized activity on Equifax’s core consumer or commercial credit reporting databases,” the credit bureau said in a statement. It’s working with U.K. and Canadian regulators to determine the appropriate next steps. Equifax won’t be contacting everyone who’s been affected, but it will send direct mail notices to those whose credit card numbers or dispute records were compromised. And it’s offering free identity theft protection and credit file monitoring to consumers here.
There’s strings attached, however. Initially, anyone getting the protective service wouldn’t be allowed to sue, join a class-action suit, or benefit from any class-action settlement. Equifax responded to the public backlash from this on Friday with a provision that you can opt out of the arbitration requirement by notifying Equifax in writing within 30 days of accepting the monitoring service.
This is not the largest data breach in history. Last September, Yahoo revealed that 500 million user accounts had been compromised in 2014, and then revealed three months later than a separate 2013 attack hacked more than 1 billion accounts.
But the Equifax hack is especially troubling considering it handles data on more than 820 million consumers and more than 91 million businesses around the world, not to mention a database of more than 7,100 employees.
“There’s no need to panic, but there are definitely some things you can do to take control of the situation, at least to some degree,” Matt Schulz, CreditCards.com‘s senior industry analyst, told Moneyish.
Check your credit report. You’re allowed a free credit report from each of the three credit reporting companies (TransUnion, Equifax and Experian) every year at Annualcreditreport.com. “That’s where you’re able to see any accounts that have been created using your name and Social Security number that you didn’t know about,” said Schulz. If anything looks amiss, report it to the credit agency immediately, but be patient and persistent. “There are going to be an awful lot of people reaching out to them right now,” Schulz said. And Equifax is inviting customers to enroll in complimentary TrustedID Premier identity theft protection and credit file monitoring.
Place fraud alerts on your credit reports. This will require a lender to contact you to verify your identity before it issues any credit in your name. Just contact one of the credit agencies to set up the free alert, and it will notify the other two. This will last for 90 days, and can be renewed.
Check your bank and credit card statements. The same rules apply – look for any suspicious charges over the past several months if you haven’t been monitoring them regularly already. Then report any suspicious charges, and cancel your compromised card for a new one.
Take internet subscription inventory. Just how many services (Netflix, Amazon, Spotify) do you have linked with your bank account or credit cards? Now is a good time to create a file of what services are linked to what financial accounts, and to make sure you have strong, separate passwords for each one. Moneyish has some password strengthening tips here. Plus, if you have to start canceling cards, you’ll have a list handy of which services will need your payment information updated.
Make a habit of checking your accounts. So your accounts look clean now. But keep in mind that many hackers are patient and bide their time before exploiting your stolen information. “Honestly, the threat of fraud never passes,” said Schulz. “It’s really important that you stay vigilant. If you have got time to check Facebook several times a day, you’ve got time to keep a closer eye on your credit card statements and bank accounts.” Plus, the more you check them, the more familiar you get with them – and the easier it is to keep tabs on your finances.
© 2017 Dow Jones & Company, Inc. All Rights Reserved