Equifax recently announced a data breach impacting at least 143 million U.S. consumers. Criminals exploited a U.S. website application vulnerability to gain access to certain files. Based on the company’s investigation, the unauthorized access occurred from mid-May through July 2017. The company has found no evidence of unauthorized activity on Equifax’s core consumer or commercial credit reporting databases.
The information accessed primarily includes names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. In addition, credit card numbers and certain dispute documents with personal identifying information were accessed. As part of its investigation of this application vulnerability, Equifax also identified unauthorized access to limited personal information for certain UK and Canadian residents. Equifax will work with UK and Canadian regulators to determine appropriate next steps. The company has found no evidence that personal information of consumers in any other country has been impacted.
Equifax has established a website, www.equifaxsecurity2017.com, where U.S. consumers can determine if personal information may have been impacted by this data breach. However, various media have noted inaccurate or unreliable results using Equifax’s tool to find out if your data was compromised.
Boise State’s Office of Information Technology’s Cybersecurity site at oit.boisestate.edu/cybersecurity provides security details. Meanwhile, here are steps you can take to safeguard your personal data in light of this massive breach:
- Request A Free Copy Of Your Annual Credit Report: Take great care to review your credit reports. If you find inaccurate information, contact the companies listed on the credit report(s) directly. You can also contact the Identity Theft Resource Center, a non-profit, at (888) 400-5530 to assist you, and/or subscribe to an identity and credit monitoring service to alert you when your personal information is used.
- If You Confirm That You’re A Victim Of Identity Theft, Create An Identity Theft Report With The Federal Trade Commission (FTC): Expect law enforcement to request a copy of this report when you contact them.
- Consider Placing An Extended Fraud Alert Or Security Freeze On Your Credit: Creditors will still have access to your credit file, even though you’ve placed a 7-year extended fraud alert, but must first contact you to verify your identity before extending credit. A credit freeze generally prevents creditors from accessing your credit file. To request one, you must call each credit bureau directly. Laws vary by state.
- File Your Tax Returns As Soon As You Can: Filing an early tax return protects you from identity thieves who could file and collect your tax refund before you do. You can also request a Personal Identification Number (PIN) in order to submit a your tax return. In the case with the Equifax data breach, it especially pertinent to stay on top of this to allow time to remediate any issues.
- Contact The Social Security Administration: Request a copy of your wage earning report to verify that your social security number is not being used fraudulently, which could result in your owing taxes for wages earned by someone who’s stolen your information.
- Contact Your Health Insurance Carrier: Request a copy of your health insurance statement in order to identify any fraudulent medical claims.