Like most people, my credit cards have periodically been stolen, and subsequently replaced by my credit card companies. A vendor for my health insurance company was also hacked, entitling me to free Identity Theft Monitoring. I have felt lucky that any assault to my personal credit has been limited.
But the Equifax breach is different. It affects over half the adult population and involves more than just one piece of information. By potentially being able to combine name, address, date of birth and Social Security number, the thieves may have sufficient information to create mini credit clones of each of us affected by the breach. Worse, the information that defines us, such as date of birth and SSN, does not change, possibly allowing future thieves and the generation of thieves thereafter to utilize our data for their purposes. Clearly when institutions fail us, we become responsible for ourselves.
In this blog I will talk about some of the actions everyone should be taking regularly to help protect them from credit fraud and identity theft. And then I will provide what steps StrategicPoint recommends that you take as a result of the Equifax breach.
What you should do personally:
Checking statements:
You have heard this before: check your bank, credit card and insurance statements for information you do not recognize. The advice requires more than just a monthly brief scan of your statements when they come in the mail or you are notified on line. It means you have to make time to review each line item, question each activity you don’t recognize and research whether you responsible for them or not.
How often do we forget a purchase we made last month (or a purchase a joint card holder made)? Before calling the bank/credit card company, it is up to us to dig into our memory banks, check our calendars as to where we were on the day recorded, talk to our spouses, look up the source of the charge on line (if it doesn’t quite match the place of purchase) etc. etc. Most of the time we will actually have made the purchases we question.
However, if you suspect your information has been compromised, call the fraud departments of your bank, credit card or insurance companies. These numbers can be found on the website of the issuers of your accounts. Do not respond to e-mails or phone calls regarding any misappropriation of your information unless you can corroborate through a second call. My practice is: if I feel I am actually talking to my credit card company about a potential breach, I will thank the caller and then call the fraud number on the website to provide any information needed before issuing a new card.
Order annual credit reports
You are entitled to one free credit report a year from each of the top three credit reporting agencies (Equifax, TransUnion and Experian). The best approach is often to spread these reports across the year – one every four months. You can apply on line. If you forget your own history (I once forgot a P.O. Box address I briefly used years ago) the companies will give you a chance to fill in a mail application to be accompanied by documentation (such as a copy of your original social security card, drivers licenses, passport, etc.) that become part of your history. It is a bit unnerving, but I haven’t figured out a way around it.
In order to receive your free reports, you should apply on line at www.annualcreditreport.com. (Other sites will likely charge you.) By acquiring a credit report every 4 months, you can set up your own credit monitoring as a backup to any monitoring the credit card companies provide.
For both checking statements and receiving credit reports, we would suggest keeping calendar reminders, since it is easy to forget or let too much time pass.
Changing credit card numbers
Equifax is purportedly going to notify people whose credit card information was exposed (this does not apply to everyone affected by the breach). If you receive notification from Equifax, call your credit card company, cancel your card and request a new one.
Equifax itself
Everyone should determine if their information was compromised by going to http://www.equifaxsecurity2017.com on a secure computer and an encrypted network connection. You will be inputting your last six digits of your SS number, and want to use a trusted computer to do this. There are two answers we have seen: your information has not been compromised (the least often response) and your information may have been compromised – which, for practical purposes, you should assume to be a yes.
Free credit monitoring
You should take advantage of the free monitoring offered by Equifax (even if your information may not be compromised) now that Equifax has changed the terms to allow participants to take part in any future class action suits against the company.
One word of caution: credit monitoring only supplies you with notification when a company has tried (or succeeded) in applying for credit under your name. It doesn’t prevent the application for credit being approved; it merely shortens the time to discovery. You still have to clear up any damage.
Free fraud alerts
This is an additional step in credit monitoring, which requires those applying for credit in your name to contact you and get your permission before opening any new credit in your name. Everyone is eligible for free fraud (also called security) alerts for 90 days at a time (these can be renewed). Again – use your calendars as a reminder of when your alert expires.
Security freezes
Freezes go one step further and restrict access to your credit report, which is required by most companies before they will authorize any new accounts or lines of credit. They are recommended to those individuals who are not in the immediate market to buy a new house, refinance, change employment or open any additional lines of credit. If you do need new or additional credit, you may want to wait until these transactions are complete before freezing your credit reports. Once you establish a freeze (and unfortunately you need to apply to each of the credit reporting companies individually for full coverage) each company will supply you with a PIN which you must use to unfreeze your reports in order to obtain new credit yourselves. Please note credit freezes are not free and costs will vary- be sure to ask each credit bureau what their fees will be prior to proceeding.
Yes, the steps outlined to protect your credit information and history will be a lot of work on your part. Unfortunately, that work will need to continue until consumers’ safety and trust become top priorities of the credit industry. Until that time, there is no better monitor of your own credit than yourself.
Here are some links and contact numbers for the three main credit reporting agencies:
Link to Equifax: to determine if you have been impacted by the breach and for free credit monitoring
https://www.equifaxsecurity2017.com
Links for Freezing Your Credit Information
Equifax:
https://www.equifax.com/personal/credit-report-services/credit-freeze/
1-800-349-9960
Experian:
https://www.experian.com/help/credit-freeze/
1-888-397-3742
TransUnion:
https://freeze.transunion.com/sf/securityFreeze/landingPage.jsp
1-888-909-8872
Link to Obtain Free Annual Credit Report:
https://www.annualcreditreport.com/index.action
Betsey A. Purinton, CFP® is the former Managing Partner and Co-Chief Investment Officer at StrategicPoint Investment Advisors in Providence and East Greenwich.
The information contained in this post is not intended as investment, tax or legal advice. StrategicPoint Investment Advisors assumes no responsibility for any action or inaction resulting from the contents herein. Betsey’s opinions and comments expressed on this site are her own and may not accurately reflect those of the firm. Third party content does not reflect the view of the firm and is not reviewed for completeness or accuracy. It is provided for ease of reference.