Equifax discovered a security breach affecting 143 million Americans. If you’re the victim of a hack or data breach, here’s what you need to do. The Equifax hack of September 2017 is suspected to affect over half of the American population.
With sensitive information such as your name, social security number, and address exposed for the entire hackerverse to exploit, you may not think there’s much you can do to protect yourself.
Unlike a password or credit card number you can easily change, you can’t alter your birthday or get another social security number.
So what can you do if you’re a victim of the Equifax hack or a data breach like it?
Today we’re going to cover everything you need to know to protect yourself both now and in the future.
Assume Your Most Secure Information was Exposed in the Equifax Hack (or a Similar Security Breach)
If you haven’t been impacted by the Equifax hack, chances are you were affected by another security breach with consequences just as dire.
Do the Yahoo!, Target, or Anthem security breaches ring any bells?
These examples of mega data breaches accounted for the hacking of 1.5 billion user accounts, up to 110 million compromised credit/debit cards and contact information, and 78.8 million stolen records from the second-largest US health insurer, respectively.
From credit card numbers to private medical information, your personal intel is probably already on the dark web.
- Names, Social Security numbers, birth dates, driver’s license numbers, and addresses
- Credit card numbers for 209,000 consumers
- Dispute documents with personal identifying information for 182,000 consumers
- Limited personal information for residents in the UK and Canada
“This is a goldmine of information for a thief,” said Chi Chi Wu, an attorney at the National Consumer Law Center.
Not only can hackers sell this information, since this type of information never changes, they can continue to sell and re-use your credentials whenever they want.
When your credit card or account number is stolen, for example, you can usually cancel the fraudulent charges (at no expense to you) and get re-issued a new credit card or account number.
But it’s game over when it comes to your social security number, birthday, or address.
Find Out if Your Information was Compromised in the Equifax Security Breach
Unless you’re one of the credit card or dispute exposure victims, Equifax will not notify you if you’ve been affected by the hack.
So if you’re one of the 143 million people who may be impacted, you’ll need to head to the Equifax Security 2017 site to find out.
Enter your last name and the last six digits of your social security number, but don’t expect many details.
Equifax will tell you that, based on your personal information, you were either not impacted by this incident, or may have been affected. That’s it.
So what happens if you’ve been affected by the Equifax hack, or another one just like it?
What to Do if Your Personal Information was Stolen During the Equifax Hack (or Another Security Breach Like It)
Don’t be a victim for long. After you change all your passwords, follow these 7 steps to get your life back:
1. Check Your Existing Accounts, Credit Report, and Statements for When the Suspicious Activity Started
Matt Schulz, senior industry analyst at CreditCards.com, says:
“When breaches like these happen, consumers need to be diligent — and not just in the short term. Just because nothing looks amiss on your bank statements or your credit report now, that doesn't mean you haven't been compromised."
Stay on top of your accounts and report any suspicious activity you encounter.
Hackers will be waiting for the news of the security breach to blow over. Plus, Equifax is offering affected consumers a year of free credit reporting. Hackers can lie in wait and strike after that year is over and when few people even remember.
2. Freeze Your Credit
Freezing your credit is the safest way to protect yourself from hackers opening new accounts in your name.
When you want to apply for credit or open a new account, you’ll need to “thaw” your credit report first.
That means you have to call the freeze lift line, give them your pin, and either the name of the company you’d like given access to your credit report or the date range you’d like your credit freeze to be lifted.
Since freezing your credit is clearly a time-consuming process, hackers are less likely to attempt using your information (and much less successful).
3. File an Identity Theft Report with IdentityTheft.gov
If someone stole your TV or computer from your home, you’d file a police report. Filing an identity theft report is kind of the same thing.
Report the situation online at IdentityTheft.gov. You’ll be given an incident report to send to companies where fraudulent activity took place under your name and a recovery plan to get your online life back.
4. Put a Free Fraud Alert on Your Credit Report
Put a free fraud alert on your credit reports and it will require creditors to go above-and-beyond when it comes to verifying your identity for new accounts.
Fraud alerts typically last 90 days, but they can be renewed as many times as you need. Plus, you can also request an extended fraud alert which stays on your credit report for the next seven years.
5. Close the Fake Accounts You Find and Dispute Charges on Your Credit Report — In Writing
Use this free sample letter from the FTC to dispute any new accounts opened under your name. These accounts will show up on your credit report so be on the lookout.
Businesses will have an easier time understanding the situation if you have an identity theft report like we mentioned earlier.
Ask for written confirmation from every business that the fraudulent account has been closed and you’re under no obligation to pay back anything hackers may have charged unlawfully.
You’ll also want to use this sample letter to remove inaccurate information from your credit report. Errors here could follow you for the rest of your life. The sooner you report fraudulent activity to the credit bureaus, the sooner you’re protected.
6. Protect Your Online Credentials with a Password Manager
The best advice you can follow to protect your personal information from hackers and data breaches is to remain proactive. After all, protecting your credentials may mean you never have to go through steps 1–5.
Even though security breaches tend to expose private information like your credit card number or bank account, your passwords in the wrong hands can be just as dangerous.
Your passwords are just as vulnerable — and exposed — as your personal information sitting on a company server like Equifax’s.
The real reasons everyone needs a password manager yesterday stem from the fact that passwords are the online currency of the hacker underworld. They can be used to drain your financial accounts, steal your identity, and wreak havoc on your social media profiles.
And how many of your online accounts would be compromised if a hacker stole just one password?
If you’re reusing passwords for multiple accounts, check out our tips for finding the best password manager by this afternoon and start protecting your passwords from the digital threats you’re facing.
7. Stop Giving Out Your Email Address
Similar to your passwords, there are scary reasons to stop giving out your email address and none of them include chain emails (though those are also a nightmare, ps).
If a hacker knows your email address, they can make password reset requests and lock you out of all your accounts. And that’s just the beginning.
Protect Your Online Life with Joinesty’s All-in-One solution: A Password Manager, Email Address Creator, and Deal Finder
Being the victim of a hack or data breach may make you feel as if you’ll never be totally safe online. That’s why you need a secure password manager like Joinesty to have your back.
Similar to your browser’s autofill function (only safer!), Joinesty uses bank-level security to protect your login credentials.
The next time you need your username, email address, or password, Joinesty will fill them in automatically so you don’t have to hunt them down or try to remember them.
Since there’s more to online security than encrypting your passwords, we layer on protections so we know it’s really you accessing your accounts, such as:
- 5 failed-login attempt blockers
- Separate PIN protection for your passwords
- Multi-factor authentication
- Cloud-based storage so your computer doesn’t become a target
Now here’s the cherry on top of your secure credentials sundae:
What if you never had to give out your personal email address ever again?
Using the Joinesty browser extension’s patent pending technology, we’ll create a unique email for every site you want to use or join. Then we’ll add that unique email address to the sign-up fields for you.
You won't notice any disruption in your email service; we’ll forward any emails you receive directly to your inbox.
We’re the only password manager with unique email creation capability.
So when you hear about the next security breach or massive online hack, you can breathe a little easier knowing your email address and passwords are secure.
In the age of internet insecurity, Joinesty is the first step in taking back control of your online life. Secure your accounts. Protect your privacy. Live better online.
Start your free 14-day trial of Joinesty and see our secure email address creation feature in action…right now!