Jim Rossman: What to do after after a data breach
Published in Science & Technology News
This week a reader writes, “In the past several months, I've received six written notices of data breaches possibly affecting my respective accounts. In each case, the company that was breached is offering complimentary identity monitoring. Since each company is offering the monitoring through a different provider, do I need to sign up for all of them or is it sufficient to just sign up for one company to monitor my credit?"
We’ve all received those notices. I can relate.
I believe we are close to the point where the data on everyone has been breached and is most certainly in the hands of people who would love to take advantage of it.
What should you do?
You need to protect your existing online accounts, and you need to keep bad people from opening new accounts using your information.
You should change the passwords of all the accounts for the companies involved in the breach. This is where a password manager would come in handy.
If you reuse your passwords, change all the passwords for the accounts using the same password.
You probably are overdue to change your passwords anyway.
You should also enable two-factor authentication on all your accounts – especially the financial accounts.
You should take the time to log into your accounts (or set up accounts) with each of the three big credit reporting bureaus – Experian, TransUnion and Equifax.
All of the credit reporting bureaus have largely the same advice to offer. I’m taking these suggestions from Experian. (https://www.experian.com/blogs/ask-experian/data-breach-five-things-to-do-after-your-information-has-been-stolen/)
You should initiate a Fraud Alert, which notifies any lender processing a credit application in your name that you may be the victim of identity theft and they should take measures to verify your identity.
Experian says when you add a fraud alert on your Experian account, they will apply it to the other bureaus as well, so you only need to do that once.
You should also be offered a free credit report, which you should get so you can see if there has been any suspicious activity. Most of these data breaches happened months ago, so chances are your information has been out there for a while.
You can take the extra step of freezing or locking your credit file, which will keep new accounts from being created.
You’ll need to freeze or lock your account separately at each reporting bureau.
Freezing is effective. I recently helped my mother-in-law get new internet service and the company told me there was a freeze on her credit and she needed to contact the bureau to unfreeze it before they could establish new service for her.
I helped her log into her Equifax account and unfreeze it. She was able to specify the number of days the account would be unfrozen, and we chose five days to give some time for the new internet account to be set up.
Getting logged in to all three credit bureaus is a good exercise for all of us; even if you haven’t been notified of a breach, chances are you will have your data stolen sometime in the future.
I took this advice yesterday and took the time to create accounts at the three credit reporting companies and froze my accounts. It was not difficult and took about 20 minutes total.
©2024 Tribune Content Agency, LLC.
Comments