How the Equifax Breach Could Affect You — Still
It’s been nearly 18 months since Equifax announced its massive data breach.
The credit agency — one of the three main consumer credit bureaus — revealed in September 2017 that approximately 143 million Americans may have had their personal information compromised. Beyond the size, what made the Equifax hack so notable was the vast array of information that was accessed: names, Social Security numbers, birth dates, addresses and credit card numbers.
Things only got worse from there. In March 2018, Equifax announced it found another 2.4 million people who had part of their driver’s license information stolen in the same breach. This discovery, along with others in prior months, brought the total number of affected consumers to 148 million.
And those consumers might still be feeling the effects today. Here’s what you need to know about the breach, what to do if you’ve been affected and how to protect your information moving forward.
- Identity thieves may still target Equifax breach victims
- What remedies has Equifax offered?
- What has the government done?
- Has there been an increase in ID theft since the hack?
- What to do if you think you’ve been hacked
Identity thieves may still target Equifax breach victims
Paul Benda, senior vice president of risk and cybersecurity policy for the American Bankers Association, said there’s a chance identify thieves will continue to target people who were involved in the breach.
“What the fraudsters try to do is target those folks that they have the most information on,” Benda said.
ID thieves could use the exposed data to access other accounts and guess login information, Benda said. He also noted that even if fraudsters are unable to hack you immediately, they could use data from the breach as a basis for phishing scams — using the knowledge they already have to build trust and then steal more information.
“It’s all about building a profile of that person, so that [the fraudster] can be viewed as a legitimate requester of information,” Benda said.
Unfortunately, threats like these make the Equifax hack just as relevant now as it was in 2017.
What remedies has Equifax offered?
Equifax responded to the hack by offering one year of free ID theft protection and credit monitoring for all consumers, regardless of whether they were one of the 148 million people affected.
Additionally, the credit bureau created a help website where consumers can check if their data was compromised and see what information may have been exposed.
The site also offers updates on the breach and options for protecting your personal information, including credit freezes, credit locks and fraud alerts.
What has the government done?
The U.S. government has offered its own remedies to the breach, including passing legislation that makes it easier for consumers to protect their credit data.
The new law, passed by Congress in May 2018, makes it completely free to freeze your credit report — an action that previously cost between $3 and $10, plus additional fees for unfreezing. Credit freezes restrict access to your credit report, which makes it harder for fraudsters to open an account in your name.
The legislation also requires credit bureaus to handle freeze requests within one business day if they’re made over the phone or online, or within three days if they’re made via mail.
The Federal Trade Commission (FTC) also created its own informational website for the breach. Similar to Equifax’s help site, the page provides information about identity theft, options for protecting personal data and news related to the incident.
Has there been an increase in ID theft since the hack?
Cases of fraud and identity theft have nearly tripled since 2006, growing from just 0.91 million reported cases that year to 2.68 million in 2017. However, Benda said this trend has little to do with any specific incident.
“There’s been a year-over-year increase, but not a spike from one year to the next,” Benda said. “So I don’t think we can say that [the Equifax breach] alone caused a spike in identity theft.”
ID thefts have increased simply because people are keeping more data online, said Mason Wilder, a research specialist with the Association of Certified Fraud Examiners in Austin, Texas.
“People are using the internet for more and more things that involve their personal information,” Wilder said, “And there are more people looking to gain access to that information for nefarious purposes.”
What to do if you think you’ve been hacked
If you think your data was compromised in the Equifax hack — or in any other data breach — there are a number of ways to respond. Here are some options:
- Alert your bank: This should always be your first move, Benda said. If you think your information has been exposed, you should immediately change all your account numbers and credit cards.
- Freeze your credit: A credit freeze will restrict access to your credit report, making it so only the government and familiar financial entities can access your information. Benda recommended this strategy if you’re sure you’ve been exposed. However, he noted that you’ll have to unfreeze your credit any time you want to open a new account or take out a loan. The FTC’s website has all the information you’ll need to request a freeze.
- Set a fraud alert: Less extreme than a credit freeze, fraud alerts simply require any business — such as a bank or lender — to verify your identity before giving out your personal data. An alert lasts one year, and you only need to contact one of the three main credit bureaus to request one. They’ll inform the other two for you.
- Report the incident: You should report any fraud concerns to the FTC’s ID theft website. The page will ask you some questions, then recommend a recovery plan based on your situation.
- Be proactive: To prevent future fraud, check your credit score as often as possible. Remember, you are entitled to a free credit report from each of the three bureaus every year, which you can get at AnnualCreditReport.com. Benda also suggested having your bank monitor your credit for you, as most now offer this service for little to no cost.
In today’s news environment, it’s easy to forget about even a major breach like Equifax’s, but that doesn’t mean the danger has passed. Stay vigilant, and always keep an eye on your credit.