Unsolicited advice on what to do regarding the Equifax data breach.

Here’s some unsolicited advice on what to do regarding the Equifax data breach this past week.  The advice below is what I gave to my children and it’s what I did and what I do on a regular basis to try to keep my financial life as secure as possible.  There may be better and more secure ways to do these things but this is the best way I know how.

You may have heard about the data breach with one of the three major credit reporting agencies. The data breach covered half of the population in the U.S. Normally I don’t worry too much about these data breaches but this one is really serious because Equifax let loose everything a person needs to open credit accounts and take out loans in your name. The first thing you should do is to go to the following link to determine if there is potential that your data was compromised.

https://www.equifaxsecurity2017.com/potential-impact/

If they say there is potential they are offering 12 months free fraud protection. Regardless of whether or not your credit information was compromised, in this day and age, it’s probably smart to put a security freeze on your credit reports with all three of the major credit reporting agencies.

It’s a bit of a pain to place a security freeze on your reports because every time you want to apply for credit or a new loan you’ll have to unfreeze your reports. But, this is the only way to try to prevent someone from taking out loans or opening new credit cards in your name, thereby ruining your credit. It costs at most $10 each so it’s a small cost to try to be secure. Go to the following links to place security freezes on your credit reports.

You’ll receive a PIN that you must not lose. Without that PIN you won’t be able to unfreeze your credit reports. That PIN is the only thing, for the time being, that the people who committed the breach won’t have. Print it and keep it in a safe or someplace else that is secure.

In addition to putting freezes on your reports you should also make a regular practice of reviewing your credit card, checking, and other financial accounts online as well as downloading and keeping all your financial  statements. With Dropbox, iCloud, Google Drive, Microsoft Onedrive, or even your local hard drive or removable storage media there really is no reason to not keep these documents. All my statements over a period of over a decade take up less than 200 MB of disk space. Should someone gain access to your accounts, particularly with bank accounts, and drain them statements will help prove what you had prior to any security breaches.

Use two-factor authentication where ever it’s offered. I use it with my Google accounts, Facebook, Twitter, Instagram, bank accounts, and any place else that allows it. Whenever possible I prefer to use a time based authenticator like Google Authenticator rather than SMS authentication because it’s more secure. SMS authentication less hassle but is better than nothing at all.

One more thing you should be doing. is using a password manager like Lastpass. Having separate complicated passwords for all your various logins will prevent someone from taking your information from one bank or social media service and using that to gain access to all your financial accounts. You’ll only have to remember one long password (mine is 39 characters long) and there are apps for iPhone and Android and browser extensions to make logging in as easy as possible.

Here are two articles on the Equifax breach if you’re interested.

https://arstechnica.com/information-technology/2017/09/so-equifax-says-your-data-was-hacked-now-what/

https://krebsonsecurity.com/2017/09/breach-at-equifax-may-impact-143m-americans/