Identity theft is something you hope you never have to deal with. But thanks to the Equifax data breach, it’s something we all need to be concerned about now.
Equifax is one of the three credit reporting agencies in the United States. When you pay off a loan or forget a payment, Equifax knows. It uses this information to help lenders decide if they want to lend to you. It also may affect whether you can rent an apartment or buy things on store credit.
You never signed up for Equifax. It gets your information from lenders and companies you owe. Equifax had your entire financial history stored on its servers. Until now.
What happened with Equifax?
There have been several data breaches over the last few years. Target suffered a breach during holiday shopping in 2013 that affected nearly 41 million customers. The Federal government’s Office of Personnel Management suffered its own data breach in 2015. About 18 million federal employees were victims of that breach. Whether it’s the public or private sector, these data breaches prove that no one is immune.
Now, Equifax is in trouble. Over the last five months, the credit reporting agency suffered a massive data breach. Nearly 140 million people had their information stolen from Equifax. This is, by far, the largest data breach in world history.
Equifax finally discovered the data breach on July 29, 2017. As it turns out, hackers exploited a weakness in their serves where all of our information is stored. Equifax claims that they hired a cybersecurity firm to help them determine the damage to consumers soon after discovery. But we didn’t learn about this data breach until early September.
That means someone might have stolen your identity in May, and you only learned about it in September.
What data was stolen?
It’s hard to tell right now. Equifax reported that most of the information stolen included:
- Current Addresses
- Former Addresses
- Social Security Numbers, and
- Drivers’ license numbers.
Approximately 209,000 credit card numbers were compromised, too.
This is particularly frightening. The hackers stole enough information to steal your identity. It’s up to you to protect yourself. We discuss how to do that below.
Protecting yourself from the data breach
There are several ways you can protect yourself from the data breach. Here are our suggestions.
1. Check your free credit report
The three big credit reporting agencies–Equifax, TransUnion, and Experian– set up AnnualCreditReport.com to comply with federal law. It allows you to get a free credit report once a year from the three agencies. How you choose to view the credit reports is up to you. You can check all three credit reports at once. Or, you can check all three over a few months.
Checking these reports will not impact your credit score. But they do not give you a credit score, either. Read below for more information about that.
The three credit reporting agencies get mostly the same information. But, they don’t have everything. Some credit reports may lack information that the others have. For example, a TransUnion report may have your latest address, but Experian may not. This is normal.
When you check your credit report, you need to look at your accounts. Read them carefully. It’s a red flag if you see accounts you don’t recognize. That means your identity may have been compromised. You will need to contact the lender and credit reporting agency to make it right.
2. Check your credit score
There are several free services that let you check your credit score. If you are a Chase customer, or Discover Card customer, you may already be enrolled in this feature. CreditKarma.com is a popular choice to check your credit score. Credit Karma is a free service that checks your credit report, and uses the VantageScore model to give you a credit score. The higher your score, the better your credit.
Some of these free services update your credit score once a month. Credit Karma will update your credit score every week. Keeping a close eye on your credit score can help you protect yourself. This is especially true if you’ve already viewed your free credit reports from AnnualCreditReport.com.
3. Freeze your Credit
This is the only fool-proof way to protect your credit.
If you don’t plan on taking out a loan or applying for a new credit card soon, consider freezing your credit. When you freeze your credit, the reporting agency gives you a PIN that only your will know. Once you freeze your credit, no one can access your credit report.
If you freeze your credit, you need to keep your PIN. Save it in a location where it will not get lost. You need it to unfreeze, or “thaw” your credit.
Why freeze? Even if an identity thief steals your personal data, they won’t be able to establish credit in your name.
There is a small cost for freezing and thawing your credit. In our view, it’s worth the peace of mind. Keep in mind, too, that freezing and thawing takes time. Be sure to thaw your credit a few weeks before you need it.
Here’s how to freeze your credit with the Big Three:
|Freeze your Credit through Equifax
(Select Option 3)
|Thaw your Credit through Equifax
(Select Option 3)
|Freeze your Credit through TransUnion
|Thaw your Credit through TransUnion
|Freeze your Credit through Experian
(Select Option 2)
|Thaw your Credit through Experian
(Select Option 2)
4. Pay for Credit Protection Services
You can also pay for credit alerts and credit protection services. One of the most well-known companies that does this is Life Lock. There are many other similar companies. Oftentimes, these services back their warranty with an insurance guarantee that protect you in case your identity is stolen.
These companies also work to fix your credit after you suffer a data breach. These services may be included in your monthly premium, or they may be additional.
Credit reporting agencies also offer this service. Equifax offers its TrustedID Premier services for one free year to those who may be affected by their data breach. Many people are cautious about this, and with good reason. What makes Equifax think that we can trust them after nearly 1/3 of the country’s data was breached?
Nevertheless, they are offering a free year of protection. To claim your free year, you can go to www.EquifaxSecurity2017.com to check if you were affected by the data breach. The site has been criticized for its own security errors, however. Use it at your own risk,
There are a lot of concerns about what rights you give up if you accept the TrustedID offer from Equifax. Despite popular belief, you are not excluding yourself from any class action related to the data breach if you choose to take the TrustedID protection.
Instead, you agree to give up your right to sue Equifax if their protection doesn’t work.
You’re not without recourse, though. The terms of service have what’s called an “arbitration agreement.” Arbitration is a type of dispute resolution that is done outside the courts. This way, it’s 100% private for both parties. It is also expensive. Keep that in mind if you choose to sign up for TrustedID.
UPDATE: For what it’s worth, Equifax customer service is nothing to write home about:
What’s going to happen to Equifax now?
Bad News for Some Executives
Once news of the data breach broke, eyes quickly turned toward Wall Street. As it turns out, three executives related to Equifax–including its own Chief Financial Officer–dumped about $1.8 million worth of Equifax stock. This is insider trading. Insider trading occurs when someone who has special “inside” knowledge of a company uses that information to trade stock to their advantage. The allegation here is that these executives sold their Equifax stock right before the news of the data breach hit.
As a result, the Securities Exchange Commission, Federal Trade Commission, and the Department of Justice are all conducting civil and criminal investigations. Of course, they are innocent until proven guilty. But the timing is incredibly suspicious
Class Action Lawsuits
No one knows at this point. There will certainly be class action lawsuits. A class action lawsuit will likely not require any of your participation beyond submitting a claim. Keep an eye on the mail over the next year or so for legal notices about a settlement. Most class action lawsuits settle. Once there is a settlement, the common settlement fund is split up over the “class” of people that were affected by the data breach.
Some people will opt out of the class action to try to go up against Equifax alone. The people that do this should be in the minority. Litigation is incredibly expensive. Getting the evidence to win a case is also very expensive. In order to win in a lawsuit, you have to be damaged. This means that you must have suffered some kind of monetary damage resulting from Equifax’s data breach.
The only way this would be advantageous is if there were several million dollars in damages. Most people should just stay in the class action.
Hopefully, this data breach will light a fire under the federal government. Right now, there are very few federal laws telling companies how to handle data breaches. It is mostly done according to best practices. Ideally, Congress would quickly enact a new law that requires companies to act within a certain amount of time of discovering a data breach, and require them to take preventative measures. Such a law would also open these companies up to fines and lawsuits if they fail to abide by the law.
But this is uncertain. The current administration and Congress have an eye looking towards deregulation. Notably, the current administration wants to gut the Consumer Financial Protection Bureau. So we’ll see what happens over the coming months.
Were you affected by the Equifax Data Breach?
If your identity was stolen during the Equifax data breach, the attorneys at the Maron Law Group can help. We serve clients in Charleston, SC, Mount Pleasant, SC, and the Lowcountry region.
All consultations are free. Contact us today to set up your appointment.