By now we’re sure you’ve heard about the massive cybersecurity breach at Equifax. The bad guys wormed their way into the credit reporting company’s data and managed to obtain personal information on more than 143 million U.S. consumers and an undisclosed number of U.K. and Canadian people. The hackers obtained data including names, social security numbers, birth dates and more belonging to consumers beginning in mid-May before the breach was discovered on July 29.
The criminals were also accessed credit card numbers of about 209,000 U.S. consumers and documents with personal identifying information of 182,000 U.S. customers.
Equifax has set up a separate site at https://www.equifaxsecurity2017.com where concerned persons can check to see if their personal information might have been exposed and then are given a date in about a week when they can enroll in a one-year complimentary identity theft protection and credit file monitoring product called TrustedID Premier. According to an article in The Register, some have expressed concern that the wording in the terms of service may mean signing away rights to file a lawsuit and agreeing to arbitration instead. Hopefully a clearer understanding of the terms will emerge in the coming week.
Equifax has reported that it will send direct mail notification to those individuals whose personal information may have been compromised. Whenever there is a large security breach such as this one, criminals will try to prey on worried consumers by sending phishing emails (like the one below) and tricking them into clicking on a malicious link or getting them to disclose personal information. Because it is difficult to distinguish between legitimate and phishing emails, do not click on any links in emails that appear to come from Equifax. Instead, type the web address directly into your browser or pick up the phone and call the company directly. They have opened a dedicated call center at 866-447-7559, available from 7:00 a.m. to 1:00 a.m. Eastern time, seven days a week.
Here is what you can do now:
- Review account statements for unusual or fraudulent activity
- Monitor your credit reports. You may obtain a free copy of your credit report from each company listed below once every 12 months by requesting your report online at www.annualcreditreport.com, calling toll-free 1-877-322-8228, or mailing an Annual Credit Report Request Form (available at www.annualcreditreport.com) to Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA, 30348-5281. You may also purchase a copy of your credit report by contacting any of the credit reporting agencies below:
Equifax, PO Box 740241, Atlanta, GA 30374, www.equifax.com, 888-766-0008
Experian,PO Box 9554, Allen, TX 75013, www.experian.com, 888-397-3742
TransUnion,PO Box 2000, Chester, PA 19016, www.transunion.com, 800-680-7289
- If you believe you are the victim of identity theft, you should contact the proper law enforcement authorities, including local law enforcement, and you should consider contacting your state attorney general and/or the Federal Trade Commission (“FTC”). You also may contact the FTC to obtain additional information about avoiding identity theft.