Sep 8, 2017
On Thursday, Equifax announced that from mid-May through July 2017, criminals exploited a U.S. website application vulnerability to gain access to certain files. Specifically, this hack may potentially impact 143 million U.S. consumers. The information accessed includes names, Social Security numbers, birth dates, addresses and drivers license numbers.
This is a major breach, not just because of the sheer number of people affected, but also the sensitivity of the type of information that was compromised. So what now? Below are five steps anyone who could possibly be affected should take.
1-Find out if you are affected
Equifax set up a dedicated site with details on the incident at www.equifaxsecurity2017.com. To find out if you were one of the millions affected, click on the Potential Impactlink in the top navigation. Once there, you're directed to the Check Potential Impact button, where you are then prompted to enter the last 6 digits of your Social Security number and last name. Seems straightforward enough, right? Not really. This is where it gets a bit vague. I checked multiple family members here, and received several different messages.
To get clarification, I called their response line at 866-447-7559, and shockingly got a live person with no wait. She explained that they are still "clearing" names. So if you receive a message telling you to check back on a certain date, this just means they don't know yet if your name was hacked, and will be able to tell you at that time.
2-Enroll in a credit monitoring service:
One option is to enroll in Equifax's complimentary monitoring service, TrustedID which provides the following services:
However, the terms and conditions are unclear, but it appears that signing up for this service means consumers sign away their right to sue Equifax. By waiving away their legal rights, consumers instead agree to arbitration. Other options are available if not comfortable with these terms; NextAdvisor provides reviews on several top credit monitoring services.
3-Monitor all your accounts
If you're like me, you still probably aren't feeling 100% secure, even after completing the above steps. We really don't know what happened with our hacked information from May until now, so I recommend being vigilant in reviewing your account statements, checking for any changes in personal information or strange activity.
4-Visit the FTC for additional recommendations on protecting yourself from identity theft
The FTC Identity Theft site provides advice based on what type of information was stolen, and tells you exactly what to do, such as:
5- Finally if you have experienced identity theft, complete the form on the FTC Identity Theft Recovery site, which will provide a specific identity theft report and "to-do" recovery plan.
Read More: www.forbes.com