Data Breach – Privacy Client Alert – EQUIFAX Data Breach
Business Law / News
The Equifax data breach is well reported at this point, reportedly impacting roughly 143 million U.S. consumers; This particular breach became newsworthy due to its sheer volume; hackers gained access to information including names, Social Security numbers, birth dates, addresses, driver’s license numbers, approximately 209,000 credit card numbers and other personally identifying information for around 182,000 people.
Now new details are emerging, including reports of previous alleged breaches, and further demonstrating the grim yet simple reality for consumers: these types of breaches are horrifyingly common.
Was Your Information Stolen?
You can check to see if you have been impacted by the breach by visiting Equifax Security and clicking on the Potential Impact tab. You must enter your last name and the last six digits of your Social Security number, so the FTC is advising that you do this only from a secure computer and encrypted network. Alternatively, you can call Equifax at 866-447-7559. Given the number of impacted individuals, you can expect some delays.
If you’ve already done this, it’s important to note that Equifax initially required those who wished to use this tool to agree to waive their right to a lawsuit and exclusively agree to arbitration. While Equifax eventually removed these provisions from their agreement, we cannot predict whether new or similar terms may be inserted later. This could fundamentally affect your rights as a consumer, particularly your right to hold them accountable for failing to adequately secure your sensitive information.
Fortunately, there are other ways you can check on your credit health and protect yourself from identity fraud. You can order an annual free credit report each year, regularly monitor your bank accounts and credit card statements, and place a fraud alert and/or credit freeze with the credit reporting agencies.
Fraud Alerts & Credit Freezes
You are probably starting to hear terms that were rarely used previously, such as “credit freeze” and “fraud alert.” While you may not know what these terms mean, it’s important to learn since they could prove to be valuable tools for protecting your identity if your personal information is ever stolen.
A credit freeze is exactly what it sounds like: a full freeze on your credit report. A frozen report cannot be accessed by potential creditors, meaning new accounts or any transactions which might require a credit check cannot go through. On the plus side, thieves won’t be able to use your stolen information, but on the downside you won’t be either.
Anything that might require a credit check will require you to instruct the credit reporting agency to lift the freeze, which can take several days and requires advance planning. In order to completely secure your information, you must place a credit freeze with each credit reporting company: TransUnion, Experian and Equifax. Each agency may charge a fee for placing and lifting a credit freeze; however, Equifax claims they are waiving the fee for placing a credit freeze for a short period of time.
A fraud alert is a bit of a compromise between a freeze and no activity at all. While your credit report remains un-frozen and your information can still be used for transactions, your credit report also comes with a notice that you may be a victim of identity theft.
This prompts potential creditors to take extra steps to verify your identity before allowing you to obtain a new line of credit. There are two types of fraud alerts: an initial fraud alert, which remains in place for at least 90 days, and an extended fraud alert that remains in place for seven years. You can only obtain an extended alert if you have been the victim of identity fraud. To place a fraud alert on your file, calling any one of the three major credit reporting agencies.
Preventing Identity Theft
Protecting your identity requires that you remain vigilant now and in the future. The Federal Trade Commission published a blog post on the Equifax breach, and have set up a site discussing proactive steps consumers can take if their personal information was compromised by an information breach or through identity theft. Equifax is also offering free credit monitoring services that can alert you in the event they detect any potentially suspicious activity.
If you elect to obtain free monitoring from Equifax (or pay for monitoring from another provider), it is equally important to think beyond the initial monitoring period, particularly if the information included your Social Security number along with other personally identifying information. Your social security number typically stays with you for life, and the records that are associated with it can also leave lasting damage to your credit report.
While it is foreseeable the hackers will one day be brought to justice, it is unlikely that this information will be sealed forever. In fact, some hackers resell this information and the purchasers sit on it until the consumer is less likely to expect a breach, which could be months or even years. This means many consumers should now engage in credit monitoring for the rest of their lives as a result of this breach. While that may sound extreme, it is completely rational given the nature of the breach. It’s also arguably a prudent thing to do in today’s world where these types of breaches seem to be happening more and more frequently.
If you do engage in credit monitoring, it is important to take it seriously. In our modern society, we received email after email and text message after text message from various companies trying to sell us products or provide us information. Some of us delete these or ignore these as easily as we breathe. Do not ignore your credit alerts. Read them carefully and then follow up on anything that does not immediately seem familiar to you. The good news is there is relief. Aside from the various claims that will be brought against Equifax for this breach, federal law provides certain protections against unlawful or improper debt collection.