AwardWallet receives compensation from advertising partners for links on the blog. Terms Apply to the offers listed on this page. The opinions expressed here are our own and have not been reviewed, provided, or approved by any bank advertiser. Here's our complete list of Advertisers.
As more of our personal and financial information is stored and exchanged online, data hacks have become a relatively common phenomenon. In the last two years, we’ve seen data breaches reported at prominent commercial and financial institutions in the world like Dun & Bradstreet, IHG, Kmart, Verizon, Deloitte, and the latest big one to hit the news, Equifax.
Equifax, one of three major U.S. credit reporting agencies, was hacked between May and July this year. The breach potentially exposed credit card details, Social Security numbers, and other personal information of up to 143 million people, along with the drivers license details of roughly 200K of those affected. Putting aside Equifax’s weak response to the breach, the Equifax hack has drawn a ton of press due to the scale of the breach (which may affect almost half of the U.S. population), and due to the nature of information stolen; sensitive personal and financial details.
What are the Potential Impacts for those affected?
The breach is one of the largest in U.S. history and potentially leaves those affected vulnerable to identity theft and fraud. If your data was amongst the treasure trove stolen by the hackers, they have enough details for identity thieves to impersonate you and could potentially:
- Open credit cards in your name
- Apply for loans or fake bank accounts
- Rent an apartment or business premises
- Lease a vehicle
- Receive medical care
- Put utilities into your name
- Apply for government benefits
And that is not the worst of it. That data will most likely end up on one of the many databases found deep online in the shady corners of the internet like the darknet, available to future thieves for a price.
What Can You Do to Safeguard Your Financials?
If you Google ‘protect yourself Equifax breach,’ you’ll turn up all sorts of advice ranging from credit freezes and fraud alerts to trying to negotiate a new social security number out of the government. But here’s the thing. You can freeze your credit files with each agency and put fraud alerts on all your cards and accounts, but if your data was stolen, then your details are out there, and most likely on sale for the highest bidder. Your identity can still be stolen even if you freeze your credit reports. The hackers aren’t required to use your details in the first month or the first three months. They could sit on that data for the next year (or longer) before they do anything with it.
So. What can you do to protect yourself from the Equifax breach? It turns out, quite a lot.
Assume Your Data Was Stolen
Equifax has set up a website to determine if your account was affected by the breach. Enter your credentials including the last 6 digits of your SSN, and you’ll find out if your details were stolen.
Or you won’t … Equifax’s record on this breach is deplorable. From the initial announcement made 6 weeks after the breach was discovered, to the second announcement on October 2 letting people know that even if the website said no the first time, it may say yes if you come back and repeat the process now. If you have a Social Security number, assume your data was taken and plan accordingly.
Additionally, check out the site ;–have i been pwned?. It allows you to check if you have an account that has been compromised in a data breach. You can also sign up for alerts — and it is totally free.
Monitor Your Credit Scores and Credit Reports
There are plenty of free services to monitor your credit score and credit report.
CreditKarma.com provides data from Equifax and TransUnion, while FreeCreditScore.com provides data from Experian. If that’s not enough for you to digest, you can receive an additional full copy of your credit reports from Equifax, Experian, and Transunion through AnnualCreditReport.com at least once a year.
Also, don't forget, your credit card issuer likely provides you a credit score and some alerting on a monthly basis. However, don't solely rely on this; you also need your credit reporting data! Bonus: If you've got a Discover Card, they'll do monitoring/alerting for your SSN on known risky websites and the dark web.
Perform a Background Check on Yourself With LexisNexis
While the majority of identity theft or impersonation in the U.S. involves credit cards, with the information, Equifax let slip through its fingers identity thieves could be giving your name and details to rental companies or collections agencies, banks, or government departments.
If you want to get a complete picture of where you stand, order a Full File Disclosure Report from LexisNexis.com. The report performs a comprehensive background check and will let you know every detail on file from banks and government databases to auto-insurance and traffic violations. It’s a thorough background check you can access for free, comprehensive enough that the one we received here at AwardWallet following the breach measured 124 pages of details. We couldn't find any info restricting how often you can apply for the report, so we're assuming you can do so more than once per year.
Also, when you get your report, keep it safe. If you haven't been a victim of identity theft and someone nefarious gets ahold of the report, you might not like the outcome.
Some things you'll see in your LexiNexis Report (all taken from LexisNexis):
- C.L.U.E.® Auto Claims Report – The C.L.U.E.® Auto report provides a seven-year history of automobile insurance losses associated with an individual. The following data will be identified for each loss: date of loss, loss type, and amount paid along with general information such as policy number, claim number and insurance company name.
- C.L.U.E.® Property Claims Report – The C.L.U.E.® Personal Property report provides a seven-year history of losses associated with an individual and his/her personal property. The following data will be identified for each loss: date of loss, loss type, and amount paid along with general information such as policy number, claim number and insurance company name.
- Current Carrier® Reports – Summarizes historical home and auto coverage information provided by participating insurance companies. Used to assess current insurance coverage as well as identify gaps in prior underwriting. (More Details)
- InsurView™ – Provides attributes using public data. Used for insurance underwriting and insurance prescreen. (More Details)
- Traffic Violation Search – Provides search results from public records. used to assess applications and renewals of insurance underwriting.
- Banko® Report – Provides search results from national court records regarding bankruptcies, tax liens, judgments. Used to monitor developments that could affect a current account relationship. (More Details)
- Benefits Assessment Report – Provides search results from public records, including property and personal information. Used my public assistance agencies to evaluate applications for government benefits.
- Collections Decisioning Report – Provides search results from public records. used to determine a consumer's ability to pay an outstanding debt. (More Details)
- Life Public Records Disclosure Report® – Provides search results from public records. Used for underwriting life insurance.
- RiskView Report – Provides search results from public records. Used by lenders to evaluate an applicant's ability and willingness to repay a debt.
Add a Second Layer of Security to Your Accounts
Using a password manager such as LastPass, and activating two-factor authentication on every account is now the new normal if you want your data protected. Most websites and apps holding sensitive data now offer some form of two-factor authentication, and using a password manager allows you to store hundreds of complex passwords, so even if one company is hacked, your passwords are all different, and the incident is isolated.
Also keep in mind that the data that such password managers store will use one-way encryption so even if that data was stolen, it'd be impractical for a thief to try to do anything with it given how difficult it'd be to access the data.
Two-factor authentication should be an absolute must for your primary email program — if someone has access to your email, think about the damage they could otherwise do with password resets!
The Reality
The best defense against data theft from Equifax, or any of the dozens of companies hacked each year, is to proactively monitor your credit scores and financial info as part of a routine set of checks. Just like you monitor credit card accounts to ensure you don’t carry a balance (rule #1 of the award travelers code), you need to keep an eye on your financial and credit information on a weekly/monthly basis. And you should be monitoring your data whether it was taken during the Equifax debacle or not.
Final Thoughts
Some of our advice may run counter to information provided by mainstream media, but it’s the same advice we promote for those that haven’t been subject to identity fraud or stolen data. Our personal and financial information is increasingly held online, and not every company takes data security seriously. Even if you freeze your accounts, signup to the Equifax free credit monitoring service (need to register by January 31, 2018), and put fraud alerts on all your accounts, you’re still at risk of identity theft now and into the future.
As the adage goes, “the best defense is a good offense,” which in credit terms means the best defense against identity theft is; to proactively monitor your credit file and financial information. Take it into your own hands. Because if the hacks such as the Equifax breach teach us anything, it’s that our information is not always in our control. Our only viable play is taking steps to protect our credit scores by monitoring our files, and keeping good records in the event something runs afoul.
Been caught up in the Equifax saga? Let us know your experience in the comments and the steps you’ve taken to protect your financials.
The comments on this page are not provided, reviewed, or otherwise approved by the bank advertiser. It is not the bank advertiser's responsibility to ensure all posts and/or questions are answered.
I just signed up for AwardWallet. When I signed in my Amex Membership I got an alert that I was in 8000+ databases so I cancelled my online account and renewed everything – then when I resigned it shows up 1 time. What does that mean?
Please contact our support team if you have a question related to an account added on AwardWallet:
https://awardwallet.com/contact
This is one of the best resources that I have seen on this topic. Thank you!
It’s important to stay current with these things. No one will care about protecting your data more than you.
Of Course you shouldn’t rely on it. But Credit Freeze is the best thing the legal system in the USA has right now to protect against identity theft. We do need some laws changed. The Equifax breach has the potential to cause life long problems for those whose information was stolen.
Credit Freeze will not prevent you from getting set up with Comcast, AT&T, Apartment, Mortgage, etc as long as you keep track of the PIN that you create. It is a bit of a hassle, I admit. But it is much less of a hassle and thou$and$ of dollar$ cheaper than having your credit stolen and having a new part-time or even full-time job trying to get false delinquent reports and debts you don’t owe off your credit report. Of course the Credit File companies don’t want you to Freeze your credit, because they can’t make money off of the portfolio they have collected about you…So they will try to convince you NOT to freeze…you are welcome to take the bait if you like. It’s your life, your credit file.
CREDIT FREEZE prevents theft. Credit Monitoring alerts you AFTER there has been a theft. I’d rather have theft PREVENTED rather than be told about it after the fact. Here is how to freeze your credit. http://clark.com/personal-finance-credit/credit-freeze-and-thaw-guide/
I would too, but if you’ve already had your information stolen what good is a freeze?
Great Q Howie…Credit Freeze will not allow those who have your information to open any accounts in your name. Fraud or Credit Alert won’t stop them from opening accounts. Alert’s will just tell you that someone has ALREADY opened an account in your name.
Will a credit freeze prevent me from getting set up with Comcast or a phone line with at&t? How about signing an apartment lease? Sure, a credit freeze will prevent new credit accounts, but that is only one aspect of identity theft. I don’t disagree that a credit freeze would help, but relying on it and only it would be a mistake.
Totally agree, what we all need to be is diligent in every respect.
great advice
I use all of these to keep a status on things.
Had someone open a credit bf are under my name but luckily there were red flags and I was called. Put a fraud alert on. Best advice.
thanks !
Interesting about the LexisNexis reports – hadn’t heard about that. I’m going to give that a try.
if someone wants to hack your data, it is really hard to stop them if they are sophisticated
excellent info…..many thx!
But is a password site free from breaches also? Then they have ALL of my information!!! That’s really scary!
Yes, but it is important to understand how they store and transmit your passwords. If they never store anything unencrypted or transmit anything unencrypted, you’re on the right path.
Great information. Also suggest contacting your local representative if your state charges to remove any credit freezes. Many states are thinking about now preventing those charges.
And another one! This really is a losing battle.
This article is excellent. I am definitely going to LexisNexis to pull my report.
LastPass or LessPass, which one do you recommend?
I’d never heard of LessPass before — looks like an interesting concept, but I can’t recommend it as I haven’t tried it.
I’ve been very satisfied using LastPass for some time.
this should apply even there is no breach
Absolutely, 100%.
good info..
nothing is secure anymore so monitoring credit is a must
It is quite frightening how often these days there seems to be major data breaches. Those are just the ones we hear about.
It’s unfortunate but seems like no information is secure anymore.
Thanks for the information. It is unfortunate that we have to take so many precautions…
It’s the way of the world these days..! Thanks for the tips.
Important to keep in mind
Thank you! This was really useful article.
I have had a credit freeze in place with Equifax for a while before the breech. I have actually tried for more than a year to get it lifted temporarily so I can apply for another credit card but I lost the pin code and could not get a new one or the situation resolved, even after countless attempts. Regardless of how they were contacted, by mail or by phone, Equifax remained a complete black hole.
I had already given up all hope that I will ever be able to get access to my credit again until I heard about the breech and thought at least someone has been able to find a way to my data, maybe if we can find out who it was I could get back into business.
The key learning here is to stay away from this company at any and all cost. Yes, I agree that placing a credit freeze is the right thing to do but strongly recommend doing that with one of the other companies to avoid further risk and damage.
In my opinion, credit alerts are life savers. Specially for us in this hobby that have to transmit SSN and stuff like that more frequently than most. I think always taking everything with a grain of salt helps make breaches more bearable as you already have a better understanding of the information you disclose and how it could be used.
I signed up for a credit freeze after learning about this breach.
but will it actually help protect you?
nice non-hysterical report
This is good info, and staying on top of things is ultimately the most important things, since without that, it’s likely you won’t even notice. But I’m also to the point where, sadly, I’m not sure anything or anyone is truly safe in this realm.
Thank you for this important information!