The Equifax Data Breach
Recommended steps by our Chief Information Officer at Centaurus Financial, Inc.
 
Not so long ago, getting hacked or breached typically meant that you had to change your passwords, monitor a few accounts for a short period and ensure that your anti-virus software was current.    Now, the hacks and breaches are targeting voting machines, power grids and government databases.   The exploited data includes immutable information like your date of birth and your social security number.   With the Equifax breach announcement, the full names, home addresses, birth dates, social security numbers, some driver's license numbers and other personal and comprehensive information were stolen from more than 143 million Americans.   Additionally, credit card numbers for about 210,000 people were also exposed.  The stolen and exposed data is more than sufficient to steal your identity, take out fraudulent loans and trick your banks and mobile carriers into accessing your accounts via social engineering.  In summary, the breach, which was discovered by Equifax on July 29th but not announced until a couple weeks ago, is devastating.   
 
Unfortunately, Equifax's response to the breach has, thus far, been insufficient.   While I recommend that you take advantage of Equifax's offer for a one-year complimentary credit monitoring subscription in addition to the free Equifax credit freezes, the risk of identity theft as a result of the Equifax breach will endure for years to come.    Again, this breach is devastating.  
 
So, as an affected American what should you do next?
 
While Equifax has established a website ( www.equifaxsecurity2017.com ) and a toll-free number (1-866-447-7559) to determine if individuals are affected and answer questions, each service has already proved to yield contradictory results.   Accordingly, given the sheer volume of the breach, I believe it best to assume that everyone with a credit history has been included in the breach.
 
Ultimately, the onus will be on you to protect yourself.   Accordingly, I suggest you do the following:
  • Closely monitor your account statements and credit reports.  Credit reports are available for free from each of the 3 credit bureaus, once per year.   Stagger them to see one every four months.    To obtain your free credit report online, visit www.annualcreditreport.com.
  • Consider freezing your credit which will halt bad actors from opening loans or credit cards in their name.   Unfortunately, it also halts you from establishing your own new loans/credit so any credit freeze will need to be lifted a few days prior to seeking the new loan/credit.    Credit freezing is different from credit locking which is not a sufficient solution.  Equifax has indicated that they will waive their own fee to freeze credit using Equifax.  Both TransUnion and Experian will charge a fee for this service.   To put a freeze on your credit, contact each of the 3 credit bureaus as follows:
    • TransUnion:  1-888- 909-8872
    • Experian:  1-888-397-3742
    • Equifax:  1-800-349-9960
  • Set a free 90-day fraud alert.  When a fraud alert is set, credit card companies will be required to verify your identity before opening an account.  That, combined with the credit freeze, is a great way to keep your credit score secure.  To set a fraud alert, contact just one of the 3 credit bureaus at the following numbers, and ask for an initial fraud alert:  
    • TransUnion:  1-800- 680-7289
    • Experian:  1-888-397-3742
    • Equifax:  1-800-525-6285
  • Take advantage of the 1 year of free identity protection offered by Equifax using TrustedID.   I have vetted TrustedID for identity protection in the past and found it to be a worthwhile tool.  However, in realizing that their personal information will be at risk for years to come as a result of the breach, additional years of credit monitoring will likely be required and which, at this point, has not been offered by Equifax for free.  If you are not interested in using Equifax's TrustedID, alternatively, you should consider subscribing to an identity protection service such as LifeLock (www.lifelock.com) or IdentityGuard (www.identityguard.com).    To enroll in Equifax's TrustedID, do the following:
    • Go to www.equifaxsecurity2017.com.
    • Click the "Potential Impact" tab followed by the "Check Potential Impact" button.
    • Enter your last name and the last 6 digits of their social security number.
    • Read Equifax's conclusion and click "Enroll," regardless of the stated conclusion.
    • Complete the registration form and click Continue.   Alternatively, you may be given a date when you can return to the same site and formally register for the free TrustedID service.
    • Please be aware that these steps have changed more than once in the past several days and may change again.
  • Be aware of Equifax related phishing scams delivered via postal mail, email and phone which are likely being developed by scammers as we speak. 
  • Review additional information about consumer identity theft via the FTC website - www.ftc.gov/idtheft.   Additionally, Equifax has provided a detailed set of Frequently Asked Questions (FAQs) which can be found by visiting https://www.equifaxsecurity2017.com/frequently-asked-questions/.
  • Stay vigilant in monitoring your credit reports and account statements for years to come.  
  • Consider helping your less tech savvy loved ones, including the elderly, as appropriate, with the above steps.
Download the free WNIS app to listen to our radio show live on your smart phone or mobile device.  First and third Tuesday of every month, 6:00 - 7:00 PM.  Next show date: October 3

Website:  www.masonllc.net
Phone: (757)223-9898
STAY CONNECTED:
Michael R. Mason, CFP®, CLU®, ChFC®, Kenneth T. Mason, RICP®, and John M. Mason, CFP® offer securities & advisory services through Centaurus Financial, Inc., Member FINRA and SIPC, a Registered Investment Advisor. Mason & Associates, LLC and Centaurus Financial, Inc. are not affiliated companies. This is not an offer to sell securities, which may be done only after proper delivery of a prospectus and client suitability is reviewed and determined. Information relating to securities is intended for use by individuals residing in the following states: Arizona, California, Colorado, Florida, Hawaii, Indiana, Maryland, North Carolina, Pennsylvania, and Virginia.

This e-mail and attachment(s) may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution, or copy of this message is strictly prohibited. If received in error, please notify the sender immediately and delete/destroy the message and any copies thereof.

This e-mail was sent in accordance with US Code 47.5.11, Section 227. We respect your privacy and pledge not to abuse this privilege. To stop future mailings, please respond by typing "remove" in your reply.
 
The CLU®, ChFC® and RICP® are the property of The American College, which reserves sole rights to its use, and is used by permission.