Equifax Settlement after Massive Data Breach

An Equifax settlement has finally been reached – nearly two years after their massive data breach. The company has agreed to a global settlement with the Federal Trade Commission and the Consumer Financial Protection Bureau. The settlement includes a Consumer Restitution Fund totaling up to $425 million to help people affected by the data breach and another $175 million going to all 50 U.S. states and territories.

Padlock with Identity Theft Theme
Nearly 148 Million Records Exposed!

TOTAL INEPTNESS

It was in September of 2017 that Equifax, one of the largest consumer reporting agencies in the world, suffered a data breach that affected roughly 148 million consumers – nearly half the U.S. population.

Equifax’s failure to maintain and update their security system is what caused this preventable breach. Despite knowing about a critical vulnerability in its software, Equifax failed to fully patch its systems. The breach went unnoticed for 76 days.

This epic breach enabled hackers to penetrate Equifax’s systems and exposed the private data of 56% of American adults. Breached information included Social Security numbers, names, addresses, birthdates, credit card numbers and some driver’s license numbers too.  It was, and still is, the largest and most damaging breach of highly sensitive consumer data.

RESTITUTION FUND – JUST A MERE $2.87 – PER VICTIM!
Equifax Settlement
Barely A Slap On The Wrist!

The Equifax Settlement includes a Consumer Restitution Fund totaling up to $425 million that will go to consumers who can demonstrate that they were financially harmed by the breach.  $300 million is dedicated to addressing consumer redress. However, if the $300 million is exhausted, the fund can increase by up to an additional $125 million. The company must also offer up to 10 years of credit monitoring services to those affected by the breach. If you don’t want the credit monitoring service, you may be able to opt for a $125 cash payment, unless they run out of funds. You can’t get both!

Furthermore, Equifax has agreed to take several additional steps to assist consumers who are either facing ID Theft issues, or who have already had their identities stolen. It includes making it easier for consumers to freeze and thaw their credit and making it easier for consumers to dispute inaccurate information contained in their credit reports.

Additionally, the Equifax settlement requires the company to maintain sufficient staff dedicated to assisting consumers who may be victims of identity theft. For at least seven years, Equifax will provide free assistance to victims via their Identity Restoration Services. In other words, if you discover there was misuse of your personal information, call the settlement administrator at 1-833-759-2982 and you will be given instructions for how to access Equifax’s free Identity Restoration Services.

WHAT DO I NEED TO DO NOW?

Equifax is offering FREE Credit Reports for ALL U.S. Consumers. Starting in January 2020, all U.S. consumers can get 6 free credit reports per year for 7 years from the Equifax website. That is in addition to the mandatory free credit report everyone is entitled to each year from each of the three credit bureaus that you get from going to www.AnnualCreditReport.com

To find out if you were one of the over 147 million victims of Equifax’s data breach and an eligible class member, call 1-833-759-2982 or you can click here

*NOTE: If you wish to file a claim, you must file your claim by January 22, 2020.

Visit the Federal Trade Commission’s website for info on How to File a Claim

Read a previous article I wrote about the Equifax Breach to learn how it all came about. And Here for Part Two of that article.

DARK WEB MONITORING

Dark Web Monitoring – Is It Worth The Cost?

Consumers are coughing up anywhere from $10 to $30 per month for identity theft protection. Credit monitoring companies usually include dark web monitoring to their list of services. But is dark web monitoring really worth its salt? Consumers are under the false assumption that they can rely on these credit monitoring companies to keep them protected. THEY CAN’T!

Results of a recent survey by Consumer Federation of America (CFA)

~ 36% of those who’d seen ads for dark web monitoring incorrectly believed identity theft services can remove their personal info from the dark web.

~ 37% mistakenly believe dark web monitoring services will prevent stolen information, sold on the dark web, from being used.

Dark Web Monitoring

What is the Dark Web?

It is the go-to place on the internet where criminals buy and sell stolen personal information. Well known, commonly used internet browsers such as Google Chrome, Firefox or Mozilla won’t get you there. You need a special browser such as Tor. Most of this stolen information is gleaned from criminals that hack into compromised businesses and personal computers. Here’s what these nefarious actors are after: social security numbers, credit card info, usernames & passwords, bank account info, medical info, birth dates, email addresses, names, addresses, phone numbers, etc., etc.

REALITY CHECK!

No one can erase any of the stolen data that ends up on the dark web. No one can prevent your stolen data from being sold or used. Therefore, credit monitoring companies are only able to ‘alert’ you (after the fact) once they discover that your personal info is up for sale on the dark web.

If you’re wondering whether or not your personal info is on the dark web, the answer is YES, of course it is. You don’t need to pay a credit monitoring service to learn that! Hackers stole nearly a half a billion records in 2018 alone!

The Equifax data breach exposed the social security numbers, birth dates and other personal info of 148 million Americans. About 6.4 million records are reported stolen every day. If you’re still not convinced, and want to see the raw data, go here for real time data breach statistics.

Odds are very high that your info has already been bought and sold to numerous criminals on the dark web. You can’t change your social security number or date of birth. With so much of everyone’s info already compromised, individuals must do everything they can to make it more difficult for criminals to use that stolen data.

Does Dark Web Monitoring Have Any Value?

Security experts say dark web monitoring is just a scare tactic used by credit monitoring companies. Fear of the unknown motivates people. Neal O’Farrell, executive director of the Identity Theft Council  says it’s all really “just a smoke and mirrors deal” created by credit monitoring services to justify the monthly fee. O’Farrell states “They keep adding on these extra services that are truly valueless and don’t go to the cause of the problem”.

6 Important Things To Protect Yourself

1.) Check your credit report regularly with all 3 credit bureaus. By law you are entitled to a free annual report from Equifax, Trans Union and Experian. All three companies must provide a free credit report to you, upon request. So, NO EXCUSES – It’s FREE!  Stagger your requests throughout the year by requesting one credit report from one company, three different months during the year.

2.) Place a “Freeze” on your credit file with all three credit bureaus. There is no cost to freeze your credit. So, again, no excuses! Placing a credit freeze prevents a fraudster from obtaining credit in your name. A credit freeze is much more secure than the credit monitoring packages being sold by the credit bureaus and other credit monitoring companies such as LifeLock. Also, don’t let the credit bureaus try to talk you into placing a “Credit Lock” instead of a Credit Freeze”. Credit Locks do not have the same consumer protections that a Credit Freeze provides.

3.) Use two-factor authentication as a secondary firewall to prevent criminals from impersonating you. Also referred to as “2FA” – Two-Factor Authentication is an extra layer of security that requires not only a username and password, but also something that the user has on them like an email address or a cellphone that a code can be sent to. This proves that you are who you claim to be before you can obtain full access to your account.

4.) Use stealth and long passwords (at least 12 or more characters) that are hard to crack. The best passwords are phrases mixed in with symbols, numbers and upper & lower case letters. Don’t use obvious things like, mother’s maiden name, birth dates, addresses, phone numbers or any info that can be gleaned from your social media account. NEVER use the same password for other log-ins. Why? If your password is compromised, a criminal will try using that password to log-in to other websites, like banks, PayPal, Amazon and other commonly frequented websites. Also, be sure to change passwords every so often, especially if you learn of a data breach that affects a website or an account you have with a company.

5.) Monitor your accounts whenever your bank and credit card statements arrive. Be sure to also check your Explanation of Benefits for medical services. Correct any errors you find and report any discrepancies.

6.) Keep your software updated and back up your data. Whenever there is an update available for your software programs, be sure to follow through and perform a timely update. Better yet, set your programs to update automatically. Make a habit of backing up your important files on a regular basis. Back up all files that you wouldn’t want to lose if your computer ever crashed.

There’s no 100% guarantee that following these steps will fully protect you from becoming a victim of identity theft, but it will certainly lower your chances.  Awareness and constant vigilance is paramount in this game of cat and mouse.

You can read a prior article I wrote about Credit Freezes here

SYNTHETIC IDENTITY THEFT

According to the Federal Trade Commission, 80 to 85% of all identity fraud stems from Synthetic Identity Theft. Fictitious identities are created when an Identity thief creates a fresh new identity using elements of valid and/or fabricated forms of personal information.

As an example – a thief with a stolen valid Social Security number will combine it with a fake name, address and date of birth to create a brand new identity.  Because a valid Social Security # is used, there is no actual victim or true identity behind this false combination of identity elements.

Synthetic Identity Theft

 

Once Created – The Mischief Begins!

The merger of this real and fake personal data is then used to commit criminal, medical or financial fraud. Once an ID thief creates a new synthetic identity, they will attempt to apply for loans, credit or a job; get medical services, obtain cellphone service or even use the synthetic ID if they get arrested.

Remember that this newly created identity still contains your social security # as the main component and source of reference. Therefore, it becomes part of a fragmented or sub-file to your main credit file.

Additionally, fraud alerts, credit freezes and credit monitoring services will not indicate that anything is amiss. These usual protective measures do not stop Synthetic Identity Theft.

Unfortunately, the massive Equifax data breach, reported in September of 2017, exposed the valid social security numbers of nearly 148 million Americans. Realize also that those stolen social security numbers have already been purchased by criminals on the dark web – in underground black markets. Unfortunately, you cannot change your social security number!

 

What are Banks and Credit Card Companies Doing to Combat This?

Financial institutions understand the need to use any and all tools available to stop synthetic identity theft. They’re using advanced analytics, device intelligence and monitoring of underground websites. Credit Bureaus utilize tools that are able to detect when identity elements appear to be used inconsistently. They have developed analytical scores that help them determine whether a Social security # and identity belong to the right person.

A new federal law should also make it easier for creditors to verify ownership of a Social Security # with the Social Security Administration – which should help them verify that credit applicants actually exist.

 

THERE’S NO SILVER BULLET – BUT THESE STEPS MAY HELP

  • Only use an identity theft monitoring service that includes dark web monitoring. The service will check for personal identity elements, such as a SSN, that may have been exposed in a recent data breach.
  • It’s still worth placing a credit freeze with all three of the credit bureaus. Credit Freezes are now FREE in all 50 States as of September, 2018. Here’s is a previous article of mine explaining how to place a freeze
  • Get your free credit report at annualcreditreport.com from one of the three credit bureaus and check to see that there hasn’t been any unauthorized accounts opened.
  • A child’s SSN is often used to create Synthetic ID Theft. So, be sure to also place a credit freeze for your minor children as well.
  • National databases hold the key to discovery of Synthetic ID Theft. The DMV, insurance companies, data brokers, employers, prison or police records may all contain synthetic identities that include your social security number. Use a credit monitoring service that checks national databases.

 

Synthetic identity theft is a complicated and growing problem because it’s hard to detect and prevent this type of fraud. Once these synthetic identities are created, they become ‘verifiable’ identities and can therefore pass traditional security checks.

Unfortunately, it’s going to be up to you to be ever diligent if you want to protect yourself in the age of rampant fraud and deception.

EQUIFAX BREACH AFTERMATH

Aftermath of the Equifax Breach    (PART TWO)

It’s barely been a year since the Equifax Breach became one of the largest data breaches in U.S. history. Equifax’s gross negligence resulted in hackers stealing the social security numbers and other sensitive information of 148 million Americans.

Equifax Breach
Guard your identity with everything you’ve got

As a result of the Equifax breach, the company offered one full year of free credit monitoring. Knowing this, criminals are just biding their time, waiting for the year to expire. They know that once the free credit monitoring expires, the public will feel safe again. They expect consumers  will become more lax about protecting and monitoring their personal information. This would be a big mistake for consumers. Since you can’t change your SS#, you must remain ever vigilant.

YOUR DATA WAS ALREADY OUT THERE!

News Flash! Although the Equifax breach was massive, much of the consumer data exposed in that breach was already available to criminals. The majority of American’s most sensitive personal data has already been compromised for several years. It is then sold on the cyber-underground to the highest bidder. If you have any doubt, realize there were 1579 separate data breaches in 2017 alone. Millions of records are exposed in those breaches.

Therefore, even if you were not a party to the Equifax breach, you need to assume that your personal info is already out there for sale. So you need to continue to protect your data for the rest of your life. One of the best ways to protect yourself is to place a freeze on your credit file.

 

EEquifax Breach Credit Freeze
Credit Freezes keep the bad guys out!

Credit Freezes – will soon be FREE

Starting September 21, 2018 you can place, temporarily lift, or remove a Credit Freeze for FREE.  Because each person has their own credit file, each individual should lock down their credit report by placing a freeze on their file.

Once the freeze is in place, only you, (the person who placed the freeze), can view your credit file. Everyone else would be locked out, unless you choose to grant them access to it. Access to your credit file is granted by either placing a temporary lift or by removing the freeze.

According to the U.S. Federal Trade Commission, all three credit bureaus must set up a web page to assist consumers with placing a credit freeze.

A WORD OF CAUTION!

Once you begin the process of freezing your credit, you may be enticed to place a Credit “Lock” instead of a Credit “Freeze”. Do NOT be fooled into placing a Credit “Lock”. These are being pushed as an alternative to a Credit “Freeze” by all 3 credit bureaus. Credit Locks do not offer the same legal protections to consumers as a Credit Freeze. So, don’t be fooled!

You should also be sure to place a credit freeze for your minor children. Child ID theft is a criminal’s dream. The theft of a child’s identity is usually not discovered until years later. By that time, the damage is done, and the thief is long gone.

Additionally, all 3 credit bureaus are now required to offer FREE electronic credit monitoring services to all active duty personnel.

CONTINUE TO MONITOR REPORTS

As a habit, consumers should obtain a free credit report from each of the 3 credit bureaus by visiting www.annualcreditreport.com  This is the only federally authorized website to get your free credit report. Each of the credit bureaus must provide consumers with a free credit report, once a year. The smartest way to accomplish this is to stagger your requests during the year.

Here’s How:

In January, go to the website and request only one free report from Equifax. Then again in May, request one free report from Trans Union. Lastly in September, request your free report from Experian. This method gives you the opportunity to review your credit report for free over the entire year.

THAT’S NOT ALL FOLKS

To further protect yourself, it’s also important to request a report, monitor or lock down four other lesser-known consumer reporting agencies such as:

ChexSystems: provides account verification services for banks & financial institutions.

Innnovis: provides ID verification data to assist with fraud detection and prevention.

(NCTUE) National Consumer Telecommunications & Utilities Exchange.  NCTUE is a credit checking clearinghouse used by mobile phone providers and utility companies.

Lexis-Nexis: Collects info from public records & data sources such as real estate ownership, liens, judgments, bankruptcies.

 

NEVER HEARD OF THEM

There are dozens of other companies you never heard of that provide consumer reports to specific industries. The Consumer Financial Protection Bureau (CFPB) produced a list of all the known entities that maintain, sell and share tons of data on U.S. citizens. The link to the pdf document is here

The pdf document provides information and the links to the websites of 46 different entities. It also provides information about your legal rights to obtain the data in your reports and dispute any inaccuracies contained in them.

Remember that your data is only as safe as the companies and organizations that are tasked to protect that data. The vast majority of them are doing an abysmal job. So, it is up to you to protect your data and to remain vigilant at all times.

ONE MORE REASON

If I haven’t yet convinced you to freeze your credit file, here’s one more reason to do so. All 3 credit bureaus make a nice profit from selling copies of your file to others. Thus, freezing your credit file will deny them a steady revenue stream. Why should they be allowed to profit from selling your personal info; especially when they do such a lousy job at protecting it. What a perfect way to hit them where it hurts – their corporate bottom line!

You can learn more about credit freezes by reading a prior article of mine HERE

FREE CREDIT FREEZES COMING SOON!

FREE CREDIT FREEZES – Coming Soon!

Thanks to a newly enacted bill, sometime in September, consumers can take advantage of Free Credit Freezes. Because a credit freeze needs to be placed with each one of the three credit bureaus, the new law will help save consumers some money.

Free Credit Freezes
Freeze Your Credit Files ASAP!

The legislation was added as part of the Dodd-Frank bank deregulation bill, passed by Congress earlier this year. The law allows consumers to either place, lift or remove a credit freeze absolutely free of charge.

Before this new law, depending on which State you lived in, consumers had to pay between $2 and $10 to place a freeze. The only way a consumer could get a no-cost credit freeze was if they could prove they were a victim of identity theft.

Brought On By Equifax Breach

Following the Equifax data breach, the advice given by most experts was to place a separate credit freeze with all three of the credit bureaus. You may recall, the Equifax breach exposed the personal data of 148 million Americans. Because social security numbers were exposed in that breach, placing a credit freeze was a consumer’s first line of defense. A credit freeze protects a victim’s credit account by virtually locking access to it. This prevents crooks from applying for credit, using your stolen social security number.

Companies would never approve a loan or a credit card application unless they are able to do a credit check – to see if you are creditworthy. Once a freeze is in place, companies are prevented from checking or viewing your credit file. Therefore, placing a credit freeze protects a consumer from criminals trying to get credit in their good name. Keep in mind that if you yourself wants to apply for credit, you will need to temporarily lift your credit freeze, so that the lender can gain access to your credit file.

NOTE: There’s a difference between a credit “Lock” and a Credit “Freeze”!

Equifax has been offering free credit “Locks” for life as part of its response to their massive data breach. But consumers should be aware that credit “Locks” are NOT the same thing as placing a credit freeze. Credit Locks don’t offer the same consumer protections. They are virtually just an agreement between you and Equifax that can be subject to changes down the line.

Trans Union and Experian also offer their own versions of credit “Locks”. Warning: there are fees involved! Anna Laitin, the director of financial policy with Consumer’s Union recommends freezes rather than credit locks because the rules for credit freezes are established by law. “Consumers will know what they’re getting with a freeze”, she said.

~ See an article I wrote about Credit Locks vs Credit Freezes

CHILD ID THEFT

Children have become a prime target of identity thieves. A million American children became victims of identity theft last year at a cost of 2.6 billion dollars in total losses to the families. Once a thief is able to get identifying information on a child, such as the child’s Social Security number, they can open a credit report on behalf of the child and obtain credit in the child’s name. Fortunately, a provision in the new law also allows for parents or guardians of children under age 16, to set up a credit report and then freeze it at no cost.

What about Fraud Alerts?

Another benefit of the new law also extends the time limit on fraud alerts.  A fraud alert is usually placed to notify the credit bureaus if a consumer suspects they might be a victim of identity theft.  Fraud alerts require businesses to verify an application for credit before giving approval. Originally, a fraud alert was only good for 90 days and had to be renewed again every 90 days for the alert to remain on a consumer’s credit file. The time limit has now been extended from 90 days to a full year.

So, if you haven’t already placed a credit freeze, once September rolls around, you may want to take the advice of experts and place one for FREE!

Please read a previous article of mine if you want to learn more about How to Place a Credit Freeze.

ID Thief Fights Crimes

ID Thief Fights Crimes – That in the past…He Helped Commit

It’s a rare occasion when an ID Thief fights crimes they actually helped commit. Brett Shannon Johnson is one of the few, who stepped away from the dark side. He now works with law enforcement to actually help prevent ID theft crimes, he once helped perfect. There was a time when he was on the Secret Service’s “Most Wanted List”! He was busted several times and spent more than six years behind bars. Maybe that’s why he decided to turn over a new leaf.

Johnson recently spoke about his crime spree and shared his insight into the criminal mind during an interview with NBC news.  Here is a quote from Johnson:

Cybercrime is not rocket science, it’s extremely easy”. “These days someone, who has no experience at all, can take classes on how to commit these crimes. They can buy tutorials or partner with others. All the necessary tools they use are basically off-the-shelf products”. 

Johnson goes on to say:  “I didn’t care who the victim was, I always tried to justify it. I told myself, I’m not ripping off the person, I’m ripping off the store or the government or the bank…and they could afford it”.

Some Of The Crimes He Committed:

~ His life of crime started at the age of 10 – Shoplifting.

~ Insurance Fraud – by getting a payout from a phone car accident.

~ Scamming people on Ebay – by selling non-existent merchandise.

~ Filing fake tax returns and requesting refunds of dead people – who hadn’t yet been reported as ‘deceased’ to the IRS. It only took him six minutes to file a bogus return, using stolen info. He made $6,000 a week, doing so.

 

ID Thief Fights Crimes

 

YOU MUST TAKE ID THEFT SERIOUSLY – OR ELSE….

The Equifax data breach, which happened in September of 2017, exposed the personal info of almost every adult U.S. citizen. Compromised records included the social security numbers, birthdates, names and addresses of 145.5 million Equifax customer files. This information is priceless to a criminal!

Social Security numbers and birthdates cannot be changed and never expire. Those 145.5 million victims, who were affected by the Equifax breach, will now have to be ever-vigilant for the rest of their lives!

Every year, we break another record for the number of successful data breaches. There were 1597 data breaches as of the end of December, 2017. Tax ID Theft, Employment ID Theft and Medical ID theft will increase exponentially as a result of the Equifax breach alone.

ID Thieves have continued to adapt and morph their techniques and scams to snag many more millions of unsuspecting victims. Account take-over grew (by 36 percent), resulting in losses of $2.3 billion. Tens of millions of Robocalls are blasted out each day, for a total of 30 billion calls in year 2017 alone.  ATM and gas station skimming devices are ubiquitous. Cybercrime and Ransomware are a growing threat for citizens and companies worldwide.

 

CRIMINALS HAVE IT A LOT EASIER NOW…

In previous years, an ID thief would have to buy stolen information from other criminals on the dark web – an underground black market where personal information is bought or auctioned off to the highest bidder. Before the Equifax breach, criminals were never really certain whether the info they gleaned was correct.  Since the Equifax breach, they now know the information is genuine.

A criminal can easily file a false tax return, get a job, get free medical care, take over social security accounts, apply for student loans, take over a credit account or open up new credit accounts. In other words, the sky’s the limit for ID thieves.

 

UNLESS CONSUMERS GET MAD AS HELL, NOTHING WILL CHANGE! 

Privacy is a thing of the past. No one, dead or alive, is immune from the perils of Identity Theft. Individuals must take matters in their own hands. The Federal Government needs to get serious about tackling this crime spree or the problem is only going to get worse for ALL of us! It is now just a matter of when it will happen to you.

Please don’t shoot the messenger!  I’m just trying to enlighten you!!!

DETER TAX ID THEFT- FILE TAXES EARLY

Tax ID Theft is the most common form of identity theft reported to the Federal Trade Commission (FTC) for the past five years. The FTC and its partners announced they are hosting a Tax Identity Theft Awareness Week from January 29th to February 2, 2018. They will be hosting a series of free events, including webinars and Twitter chats.

Tax ID theft occurs when someone uses your stolen Social Security number to file a fraudulent tax return in order to claim a fraudulent refund.

There has been 1293 data breaches as of 12/20/17. These data breaches provide hackers with a slew of sensitive information. The Equifax breach alone exposed the names, addresses, social security numbers and birthdates of 145.5 million records. Criminals will attempt to file fraudulent tax returns using this stolen information. The big refunds that are claimed on these fraudulent returns are either sent to phony addresses or deposited into bogus bank accounts controlled by these criminals.

Tax ID Theft
IRS Tax ID Theft is Billions of Dollars a year!

The best thing you can do to protect yourself from Tax ID Theft is to file your return as early as possible to make sure your return is filed prior to that of an identity thief.  That way, you beat a would-be criminal from filing a return before you do.

 

PREVENTION TIPS TO AVOID TAX ID THEFT

  • Know your Tax Preparer – check their credentials on the IRS website
  • Beware of Preparers promising big refunds or base their fee on your refund
  • If you cannot file early, then file an extension using IRS Form 4868
  • Never carry your social security card or any document with your SSN on it
  • If mailing your return, be sure to mail it directly from the Post Office
  • If E-Filing your return, use a reputable program and a secure non-public computer
  • If you move, file a Change of Address as soon as possible – Use IRS Form-8822
  • Store copies of your returns in a secure place or save it on an external hard drive
  • Shred drafts, tax forms and all documents that contain any sensitive information
  • NEVER respond to calls, texts or emails appearing to be from the IRS. Don’t respond to threats or arrest. The IRS always initiates contact with you via a letter, sent by snail mail.

 

If you do become a victim of tax ID theft, file a police report immediately. Then, file a “paper” return with the IRS with an attached Form 14039 Identity Theft Affidavit together with a copy of the police report. This will hasten the process. You should also call the IRS specialized assistant toll-free number 800-908-4490. You can visit the IRS website for more info here: www.irs.gov/Individuals/Identity-Protection

To find out how to lessen your risk of becoming a Tax ID Theft victim during the FTC’s Tax Identity Theft Awareness Week – go here:   https://www.consumer.ftc.gov/features/feature-0029-tax-identity-theft-awareness-week

WHY YOU SHOULD PLACE A CREDIT FREEZE

A credit freeze is one of the most effective tools consumers have to prevent future Identity Theft involving credit. In light of the recent Equifax data breach, it is extremely advisable to do so – ASAP!  Think of a Credit Freeze as having an insurance policy that protects you from anyone trying to obtain credit in your good name.

A credit freeze allows you to actually ‘seal’ your credit reports. Therefore, no one, including cyber-thieves, can open up new lines of credit or get a loan – even if they have your social security number. Keep in mind that the Equifax breach exposed the Social Security numbers of 145.5 million U.S. citizens.

A credit freeze denies anyone else (except you) the ability to access your credit report. This prevents the bad guys from trying to establish new credit accounts or take out new loans, using your stolen information. If your credit file cannot be accessed, a lender will not be inclined to issue a new credit card or finance a new loan.

NOTE: Freezing your credit will not protect you from identity theft on your existing lines of credit, such as current loans or current credit cards. A freeze will not provide protection for any financial accounts that you already have open. Placing a credit freeze only protects you from future credit applications. In other words, if your current credit or debit card is lost or stolen, a thief can still steal from you, unless and until you shut down the affected account.

HERE’S HOW TO PLACE A CREDIT FREEZE

Credit Freeze
Freeze Your Credit File ASAP!

You’ll need to call or visit the websites of each of the three credit bureaus and request a Credit Freeze. Each credit bureau charges a small fee that varies by State. The cost in the State of AZ is $5.00 – per person – per credit bureau. Once a credit freeze is in place, it will remain frozen until you remove it or you temporarily ‘thaw’ or ‘lift’ the freeze.

Each credit bureau will assign a PIN (personal identification #) that you must be sure to keep in a safe place for later retrieval. The PIN will be required if you yourself ever want or need to personally apply for a new loan or credit.

If that occasion arises, you will need to temporarily ‘thaw’ or ‘lift’ your freeze, so that your personal application for credit can be processed by the lending institution. Therefore, you’ll need to contact the 3 credit bureau(s) and ‘lift’ the freeze for the number of days you need. Then, once the time expires, your credit file will automatically go back to being frozen again.

The fee to temporarily ‘thaw’ or lift’ a credit freeze will cost you $5.00 – per credit bureau. However, more-than-likely, you will only have to lift the freeze with just one of the credit bureaus. So, be sure to ask your would-be creditor which credit bureau they will use to check your credit.

EVERYONE NEEDS A CREDIT FREEZE

Keep in mind that each individual will need to place a credit freeze. Each person has their own credit file, which is paired with their social security number. So, a husband and wife will each need to place a freeze on their own credit file. Parents are also strongly advised to place a credit freeze on their children’s credit file too. Child ID Theft is a serious issue and very difficult to remedy.

Lastly, you must realize that a credit freeze cannot and will not protect you from other forms of identity theft – such as medical, tax or employment ID theft.  These types of ID theft are much more difficult to protect yourself from, so you must always be ever vigilant.

Remember, your information is only as safe as the companies that store your data and then protect it from data breaches. According to the Identity Theft Resource Center, there were 1093 data breaches reported as of December 2016. We are well on our way to breaking that record in 2017.

CHANCES ARE YOUR DATA IS ALREADY OUT THERE!

You must accept the fact that with all the data breaches and the many millions of records already exposed, your personal information is being sold to the highest bidder on dark underground websites. When it comes to protecting yourself from ID theft, it is always best to take matters into your own hands and be proactive. Always treat your identity as a valuable asset that must be protected at all times!

Read my previous article about a Credit Freeze vs a Credit Lock

Contact Info for Credit Bureaus:

Equifax: 800-349-9960 or www.equifax.com

Experian: 888-397-3742 or www.experian.com

TransUnion: 888-909-8872 or www.transunion.com

EQUIFAX SOFTWARE UPDATES

What does Equifax Software Updates have to do with the Equifax breach?  EVERYTHING! Credit Bureau Equifax actually allowed Hackers into their system, by NOT timely updating one of their software programs.

To begin with – the number of those affected by the Equifax Breach has been revised upward to 145.5 million, up from 143 million. The social security numbers of more than 60% of the U.S. adult population has been exposed.  Mind you, this breach occurred sometime between May and July, 2017, but Equifax didn’t publicly announce it until early September. This gave the bad guys plenty of time to amass all that data and do some serious damage, before most of us were even aware of the breach.

Recently fired Equifax CEO Richard Smith, testified before Congress last week explaining how the company got hacked in the first place. It seems the company failed to update a patch, which would have fixed a security flaw, in a program, called Apache Struts. This security flaw, in the Apache software, is how Hackers were able to steal all that data.

Had Equifax been prompt in updating the program, this epic breach would have been completely avoided!

In March, Apache had issued a patch to fix the problem in their Apache program. The patch was made available for users to update. The patch was available to update two months before the Equifax breach. It is inexcusable for any company that controls huge amounts of sensitive data, to fail to update their software in a timely manner.

CEO Richard Smith told Congress that the “person responsible for updating the software, did not properly do their job”. The fact that only ONE person at Equifax was responsible to handle this job, without any other oversight or backup, is reprehensible!

Equifax Software Updates not done
SHAME ON YOU EQUIFAX!

The important lesson, which should be learned from this story, is to always be sure to update your software. Set these programs to automatically update whenever one becomes available.  Setting them to automatically update eliminates the need for you to have to take any specific action yourself.  It ensures that you’lll always be operating the most safe-and- secure versions of your software at all times.

Finally, it is most important to discontinue the use of outdated software, which is no longer being updated with the latest security patches. The WannaCry Ransomware attack was easily spread around the world, because so many companies were still using the outdated Windows XP operating system.  Microsoft had long ago stopped supporting XP, Vista and other previous software versions with security updates.

Equifax had an obligation to protect the sensitive data of millions of U.S. citizens and failed miserably!  The fact that they made such an avoidable mistake is truly frightening!  Those affected will have to be constantly vigilant about identity theft – for the rest of their lives.

Read a previous article about Equifax Breach

EQUIFAX BREACH EXTREMELY DAMAGING

Why is the Equifax breach extremely damaging? Because the typical information required to prove your identity is now in the hands of the bad guys!

YOU CANNOT HIDE YOUR HEAD IN THE SAND AND THINK YOU’LL BE IMMUNE! 

An identity thief will go to great lengths to dig up your personal identifying information (PII) so they can impersonate you and then commit ID theft. This Equifax breach has already completed that part of the job for them.

Remember that 145.5 million Americans (over ½ the U.S. population) have had their PII stolen! Your information will likely be auctioned off on underground websites to opportunistic criminals, across the planet. Armed with your PII, a criminal can do a lot of damage to your identity, your good name and your financial records!

equifax breach extremely damaging
ARE YOU ANGRY YET??? YOU SHOULD BE!!!

How is the Equifax breach extremely damaging? Let’s count the ways… 

  1. Pretexting – Criminals will use your PII to convince your bank, credit card company, utility or phone service to make changes to your accounts. Your PII gives them the ability to change your email address, PINS, passwords, direct deposit info, phone # and home address. They’ll even change the answers to your secret questions – all in their quest to gain access to private information or to lock you out of your own
  2. Tax ID Theft: File fake tax returns to get large refunds.
  3. Credit Fraud: Open new lines of credit in your name (personal loans, auto loans, mortgages, new credit cards).
  4. Counterfeiting: Create fake ID’s like driver’s licenses, passports, insurance cards, etc.
  5. Criminal ID Theft: Use your ID to give to police if they get arrested.
  6. Medical ID Theft: Create medical insurance cards to get medical services or commit insurance fraud.
  7. Employment ID Theft: Use your PII to get a job and collect a paycheck.
  8. Financial ID Theft: Open bank accounts in your name and pass around bad checks.
  9. Malware/SPAM: Infect your devices with Malware by sending SPAM emails or texts, purported to be from Equifax. SPAM emails and texts are designed to lure you to click on links or open attachments that infect your devices and turn them into ‘bots’.
  10. Spoofing/Phishing: Imposter phone calls from Equifax employees or clickable links that lure you onto a fake Equifax website. Offers of free credit monitoring services or class action lawsuits, designed to phish for additional info, like your credit card number

YOU MUST LEARN WHAT TO DO TO PROTECT YOURSELF! YOU MUST BE PRO-ACTIVE AND EVER VIGILANT!  AND PLEASE – PASS IT ON…

READ MY PREVIOUS EQUIFAX BREACH ARTICLE TO LEARN WHAT YOU NEED TO DO.