Yesterday, Equifax revealed that its website had been hacked. The breach, which occurred between mid-May through July 2017, allowed the hackers to access names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers.
Equifax, for its part, is offering one free year of credit monitoring through its website. The website also allows consumers to determine if they were affected by the breach. Even those of you who limit how many financial transactions are done online may well be among those whose data was stolen.
There are several steps you can, and should, take (if you are not already doing so):
Check Your Credit Reports Every Year—Doing so will tell you what accounts have been opened in your name and what addresses the credit bureaus have on file. Consumer Reports recommends Annual Credit Report. This website will allow you to access reports from the three credit bureaus, for free. Though you can only see one report from each credit bureau each year, you don’t have to see all three at the same time. I check one bureau every April, another one every August and the third one every December. (Update: It also makes sense to pull your report from Innovis, a smaller fourth credit bureau. You will have to go Innovis’s website separately to pull it.)
Set Up Credit Freezes—These will place a block on all credit applications. You can temporarily open them up when you want to apply for a new credit card, take out a car loan, refinance a mortgage, etc. Credit freezes are effective, but they will require extra effort on your part when applying for loans and other transactions involving a credit check. You can set them up through each of the three credit bureaus.
Read Through All Your Statements Monthly—The faster you can catch an unauthorized transaction, the sooner you can limit any additional damage and headache. If a transaction looks suspicious, challenge it immediately.
Use Different Passwords—Do not use the same password for every website. Change them up and make them complicated. Instead of say, “password,” use a combination of numbers, upper and lowercase letters. A password manager can help greatly. I personally use Dashlane, but there are others such as LastPass.
File Your Taxes as Soon as Possible—If you typically delay until April 15 to file your taxes, stop doing so. The quicker you can file your taxes, the less opportunity you give scammers to file a fake return. Obviously, you may have to wait on certain tax forms (e.g., 1099s, K-1s, etc.), but you shouldn’t otherwise delay filing.