Equifax—one of the
three major consumer credit reporting agencies in the United States—has
reported a major security breach that may have exposed the personal
information of up to 143 million people. Compromised
information may include names, social security numbers, birth dates,
addresses, and some driver’s license numbers, as well as about 209,000
credit card numbers and about 182,000 dispute documents that may include
personally identifiable information.
Like all major incidents, be prepared for the details to change over the coming days as new information is learned and shared. The office of IT Security would like to share the following information and tips
on how you can protect yourselves:
1.
Equifax Website: Equifax has created a
website (www.equifaxsecurity2017.com) where you can learn more about the incident. From this website, you can check to see if they believe your data was
compromised (click the
Potential Impact button at the bottom of their webpage). You can
perform this check for all members of your family, including your
children. While they may not be old enough to have a credit card or bank
account, they have a clean credit history that
is also a target for identity theft. Continue to recheck their
site over the coming weeks to make sure the information has not changed.
Their investigation is ongoing and may discover later that additional
information was compromised.
2.
Credit Monitoring: You can sign up for Equifax’s Trusted ID credit monitoring service, free of charge. You will have the opportunity to sign up for this when you check to see if your information was compromised. Read through
all information carefully if you enroll. Make sure you are comfortable with signing up for their free service.
Credit Monitoring does NOT protect you against credit card fraud. This
is a common misconception. Credit monitoring service will notify you
when/if
they identify someone attempting to commit Identity Fraud in your name,
such as registering for a new credit card or bank loan. Some services
also help you recover from Identity Theft. For more information on
credit monitoring, including potential limitations,
click here.
3.
Security Freeze: Though few people are aware
of it, a security freeze is one of the most effective actions that an
individual can take to prevent identity theft, but it does have a number
of drawbacks. A security freeze will lock
your credit scores so no one can access them. This means that while
your credit score is frozen, no bank or financial organization (such as
credit card companies) can check what your credit score is, which also
means no one will give you (or a criminal pretending
to be you) a loan, credit card, etc. A challenge to this approach is
that an individual must manually setup a security freeze with each of
the credit bureaus. In addition, if you want to get a new loan or credit
card, you then have to manually unlock your
credit service. For more information on security freezes,
click here.
4.
Monitor Financial Accounts: Watch your bank
and credit card accounts carefully. Many of them have a service where
they notify you (via text or email) if a back withdraw or credit card
charge is over a certain limit, or can send
you daily reports of your activity. We highly recommend you enable at
least one of these.
5.
Social Engineering Attacks: In the coming
days/weeks, cyber attackers will take advantage of this incident and
launch millions of phishing emails, phone calls, or text messages trying
to fool people. Be vigilant and participate
in ESU’s security awareness programs to learn more about how to defend
against these, and other, cyberattacks.