Consider your options in light of this terrible news where 1 out of 2 consumers is affected by Equifax security breach on July 29, 2017.
This is crazy and unprecedented in scope.
Overview of what happened:
On July 29, 2017, Equifax discovered a cybersecurity breach/hack incident which “potentially impacted approximately 143 million U.S. consumers. Criminals exploited Equifax’s U.S. website application vulnerability to gain access to certain files which includes names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. Criminals also accessed credit card numbers for approximately 209,000 U.S. consumers and certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers.” – Equifax.
It’s important to note this is what Equifax officially stated but we the people and our government need to dig deeper to investigate to see if this statement is accurate and full disclosure was provided in a timely manner to protect consumers from identity theft.
Write to your representatives to demand an investigation and answers to questions such as:
-How invasive was the breach?
-How extensive was the breach?
-Who was involved in the breach?
-What reforms will be taken so that this does not happen again?
Also demand that the executives who knew about the hack beforehand, and especially those who sold stock, be questioned and investigated.
These companies(TransUnion, Equifax and Experian) don’t think of us as customers. They think of us as products. They get lenders and others to send over our payment histories to them, aggregate it, and resell the data.
TransUnion, Equifax and Experian answer to no one unless we put a stop to this practice and implement a 3rd party oversight of their security practices to secure our private information, otherwise security breach incidents like this will continued.
“But perhaps most despicable of all, at this very moment, U.S. Senators are weighing legislation to take away our right to hold companies like Equifax accountable in court (S.J.Res.47), and the House of Representatives is considering legislation to make life easier for credit-reporting agencies that screw up (H.R. 2359). This cannot stand. Repealing crucial consumer protections as new financial scandals break every week would send a clear signal to bad actors like Equifax that they can continue to plunder consumers for profit. We call on Congress to IMMEDIATELY withdraw both S.J. Res 47 and H.R. 2359, and to hold hearings to investigate Equifax’s response to this cyber attack.” – Moveon.org
View our current laws for corporate data breach by state. However, what we need to adopt is a law requiring a single breach notification standard for sensitive personal data similar to the European Union’s GDPR (General Data Protection Regulation). This will set a data breach notification bar for all businesses of “not later than 72 hours” after a data controller has become aware of an intrusion.
Do you value protecting your personal information? If yes, consider exercising your consumer and democratic voting rights: here’s how you can help to begin the process of getting tougher consumer protection laws enacted…
Tell Congress to do their jobs to make stringent laws to hold Equifax and other companies like them accountable:
(2) Federal Trade Commission(FTC) https://www.change.org/p/federal-trade-commission-investigate-equifax
(4) email and write letters to your local and state representatives demanding accountability and new laws to protect consumer personal information
+ Insightful and worrisome Equifax cyber security lapses:
+ Egregious negligence? Horrific news: Equifax CEO Richard Smith’s decision to hire Susan Mauldin as Chief of Security Officier(CSO) of the company’s data security with qualifications of degrees in music(she does not have the cybersecurity education to competently work as CSO):
+ How Equifax hackers could file taxes in your name and get a refund from the IRS:
Five Steps You Can Do Now To Protect Your Credit Data
Here are five steps that you can take right now to protect your personal information from being misused. Caution: you risk financial chaos by doing nothing. Take action.
(1) Find out if your information may have been exposed. You can do this by entering your last name and the last six digits of your Social Security number at Equifax’s website. The site will tell you if you’ve been affected by the data breach.
(2) You can enroll for a free year of credit monitoring. Whether or not your information was exposed, U.S. Equifax consumers are eligible for a year of free credit monitoring and other services. The site will give you a date when you can come back to enroll.
(3) Contact the nationwide credit reporting companies and review your free credit reports from each of them. You are entitled to a free credit report every 12 months from each of the three major consumer reporting companies (Equifax, Experian and TransUnion). You can request a copy from AnnualCreditReport.com. Be sure to monitor your accounts for any unusual activity. Accounts on your credit report that you didn’t open, incorrect personal information on your credit reports, and credit inquiries from companies you’ve never contacted are all potential signs of fraud or identity theft.
(4) Consider placing a credit freeze. Placing a credit freeze on your reports makes it more difficult for a thief to open a new account in your name. Remember that a credit freeze cannot prevent a thief from making changes to your existing accounts.
The are more than 8 million new victims of identity theft each year in the U.S. Many of these victims find that crooks have used stolen personal information like Social Security numbers to open new accounts in their victim’s name. A security freeze gives consumers the choice to “freeze” or lock access to their credit file against anyone trying to open up a new account or to get new credit in their name.
When a security freeze is in place at all three major credit bureaus, an identity thief cannot open a new account because the potential creditor or seller of services will not be able to check the credit file. When the consumer is applying for credit, he or she can lift the freeze temporarily using a PIN so legitimate applications for credit or services can be processed.
(5) Consider setting a fraud alert. This requires creditors to verify your identity before issuing a credit card, opening a new account or increasing a credit limit on an existing account. A fraud alert will not prevent a lender from opening credit in your name the same way a freeze does, but it does require lenders to take additional steps to verify your identity first.
If you don’t take any identity theft prevention steps, this is what could happen:
Financial identity theft
Because the Equifax credit reports contained so much personal information, including Social Security numbers and financial account information, fraudsters could use the report for reasons including new account fraud, medical identity theft — using insurance information to have a medical procedure, which can create confusion on the true insured person’s medical file for years — or tax fraud, Levin said.
The fraudster could open credit cards and start utility bills in your name, which would go unpaid, and into collections, which could ruin your credit score, said Adrian Nazari, the founder and chief executive of Credit Sesame, a credit monitoring service. As a result, it could become difficult to be approved for home loans, car loans, jobs and desirable interest rates in the future, he said.
Bloomberg reporter Drew Armstrong wrote this week about his experience when his identity was stolen, which took three years to resolve. In the meantime, the man posing as Armstrong opened accounts in his name at Wells Fargo and went to the Delano Hotel in Miami Beach.
Fraud affected some 15.4 million consumers in 2016, or roughly 6.15% of all consumers, up 16% from 5.3% of consumers in 2015, according to Javelin, a security firm, in a report sponsored by security company LifeLock (which obviously has a vested interest in the findings.) The mean amount it cost per fraud victim was $1,038, according to Javelin.
Incidents of new account fraud have risen especially quickly, Javelin found, because so much personal information has been compromised in data breaches over time. New account fraud also takes the longest to resolve, said Al Pascual, a senior vice president and research director at the security firm Javelin. “If you don’t take steps to actively protect your identity, you’re basically playing Russian roulette,” Pascual said.
Criminal identity theft
The fraudster could even commit a crime and turn in fraudulent identification information, which could mistakenly give you a criminal record.
That’s what happened to Jessamyn Lovell, an artist whose identity was stolen when she lost her wallet in 2011, in the San Francisco Bay area. She didn’t realize what had happened until a year later when the woman who stole her driver’s license checked into a hotel under her name. It seemed fishy to San Francisco’s Financial Crimes unit, which alerted Lovell.
It took years to track down and prosecute the woman; Lovell even had to hire a private investigator. By the time the whole situation was sorted out, the fraudster had shoplifted at Whole Foods, and Lovell had to fly to the Bay Area to appear in court (she had since moved to Albuquerque), to explain it wasn’t actually her.
Now, Lovell is training to become a private investigator herself, and she encourages anyone who suspects fraud, even a small credit-card charge, to report it right away. “It’s easy to miss or dismiss,” she said. “Get it taken care of.” Of course, preventing those situations from happening, if you’re able to, is even better, she said.
Consumers Union’s Guide To Security Credit Freeze Protection Frequently Asked Questions
+ Can we trust companies to secure our private personal data? Cybersecurity experts weigh in on Equifax’s failure to install software fix
+ Will consumers ever find out how much Equifax spends on cyber security versus on lining their deep pockets?
Do we need laws to create a cyber security standard for all companies to protect our private information? Equifax’s Failure to Apply Security Patches Enabled Massive Hack.
Most likely, you’ll have family and friends affected by Equifax’s security breach incident so share this important information and prevention tips with them.