A staggering 143 million people—that’s one in five Americans—were affected by the Equifax hack, which obtained credit card numbers and personal identifying info such as social security numbers. It’s hard to fathom how a company with so much sensitive information could have allowed this to happen, and the company’s response thus far has been less than impressive by many accounts.
As NPR reported: “Equifax now faces numerous lawsuits, a huge stock price hit and several state and federal investigations. Its slow and incomplete response continues to anger people all over the country, leaving many consumers wondering what — if anything — they can do to protect themselves if the company tasked with safeguarding their credit can’t even make its phone lines operate.”
While being angry and outraged at Equifax is certainly warranted, it unfortunately won’t do a whole lot to prevent your information from being used maliciously. While not every piece of leaked info will be used, for those are affected the potential fallout is massive and includes identity theft. As USA Today explained: “Following the breach, which was made public last week, hackers now have four of the most important pieces of identification data — dubbed the “crown jewels” — for nearly half the nation.”
So what can potential victims do to check whether they’re vulnerable? The first step is to check your information on https://trustedidpremier.com, the website that Equifax has set up. By entering the last four digits of your social security number together with your last name, you can see if it’s likely that your information was hacked. While this is not a foolproof measure, it’s a good first step to see if you need to take further action. There have also been reports that Equifax will issue direct mailouts to those who have been affected. Though according to Fortune, “the company did not give a timeline for when those physical notifications would go out,” so it might be best to be proactive.
If you have been affected, the best course of action is to set up a security freeze on your credit reports. As the Washington Post reported, “A credit freeze is much more powerful than putting a fraud alert on your credit report. It’s the difference between a criminal getting into Fort Knox and breaking into a small metal lockbox. A freeze blocks access to your credit report and credit score. The credit bureau can’t release any information in your file without your permission. (Although companies you currently do business with will still have access to your files.)” While this may cost you anywhere from $10 to $30, there have been calls for congressional legislation to waive the fee in the wake of this attack.
Even after you’ve done all this, it’s important that you check your credit report often and keep an eye out for signs of identity theft, which could continue to be a threat in the ensuing years after this attack. The FTC has published a helpful list of indicators that you might have been a victim of identity theft, which include signs such as “You see withdrawals from your bank account that you can’t explain, you don’t get your bills or other mail, merchants refuse your checks, debt collectors call you about debts that aren’t yours, you find unfamiliar accounts or charges on your credit report.”
Finally, it’s vital that you remain hyper vigilant when it comes to email phishing scams in the wake of an attack like this one. As USA Today wrote, “So-called “phishing” scams, for example, typically target potential victims using fraudulent email messages that appear to come from legitimate enterprises, such as your bank, employer or company you do business with. These scams try to lure you into providing personal data that the cyber thief can later use to rip you off.”