Protect yourself as if you’re a data breach victim

In April 2024, over 2.9 billion records including sensitive information like social security numbers, were likely part of a large data breach. If you’ve been part of any data breach or if you’re one of those lucky few who have never been notified of being a part of any data breach, you should be taking steps to protect your identity and your assets. In otherwords, act like you’ve been a victim of a breach even if you aren’t confirmed as being one.

Lifetime habits to protect yourself from identity theft:

• Set up security and daily alerts on all of your financial accounts that notify you of what’s going on in your accounts. For example, opt to receive an immediate text of any wire transfer out of your account because the FBI can get your money back if it’s reported within 24 hours of a transfer.
  • If you are not comfortable doing this yourself online, do it on the phone with a banker or go into the financial institution and ask them to do it for you.

 

• Include a quick review of all of your banking accounts as part of your regular routine to make sure there are no unauthorized transactions.
• Use unique, safe and secure passwords on every account you have – especially financial accounts and email accounts because email accounts can be used to reset passwords and you don’t want to make it easy for someone to get into your accounts via your own email address.
  • A strong password is long, hard to guess and made up of upper and lower case letters, numbers and special symbols.
  • Use a password manager so the only password you have to memorize is the one for the password manager. Make sure it is very long and complicated.

If you have a strong password you do not need to change it often.

• Use two-step authentication wherever and whenever it is possible. This is a system of using more than a user name and password to gain entry into an account. ie. In addition to standard log-in requirements, you must enter a code received via text before you can gain access. An example is Google’s 2-Step Verification for gmail or Apple’s 2-Step Authentication for an Apple ID. The second step may be a question, image or code. It can also be a physical token but these come with the risk of loss, misplacement or theft.
  • I even do this on my social media accounts because social media account breaches have also become very common.
• Have good security questions that are hard to guess.
  • Do not use “Mother’s Maiden Name” as a key question. If you have no choice, make up a different answer to that question and use that instead.
• If you find it too inconvenient to have a credit freeze on your account (you have to pay a small fee each time you need to unfreeze it for your own transactions), keep a permanent fraud alert on your credit.
• Be diligent about matching transactions to statements for all financial accounts.
• Avoid unsecured WIFI. Period!
• Use your own secured, malware-free and virus-free computer for financial and confidential  transactions.

Identity theft can be devastating. As daunting as they seem, these steps are manageable and to repeat, they form a list of good habits to follow whether you’ve ever been a victim of identity theft or not.

What do you do if you are a confirmed victim of the Equifax breach or any identity theft:

• Cancel compromised credit cards.
• Suspend all activity on compromised financial accounts.
• Close compromised accounts and set up new ones as soon as possible.
• File a report with the FBI’s Internet Crime Complaint Center
• If money has been wired out, report it to the FBI immediately. If it’s been less than 24 hours, the FBI can likely get it back. (see direct link to contact FBI agent in article linked to above.)
• Contact your broker if an investment, retirement or brokerage account has been impacted.
• Obtain an annual free credit report. (Or get 3 free reports per year by requesting one from each credit bureau (TransUnion, Equifax, Experion) once a year. Stagger each request by 4 months and repeat every year.
• Request a free manual social security number search from the major credit bureaus to see if your number is being used with someone else’s name.
• Place a fraud alert or a credit freeze on your credit file. (Do it separately with each of the credit bureaus.)
• Review your credit report carefully for activity not belonging to you and if you find any, take appropriate actions.
• File a police report with your local police department.
• Sign up for credit monitoring with a reputable company – hopefully paid for by the business that compromised your information, if that applies. This is one of many suggested steps but on it’s own, it will not offer adequate protection.
• If you have a missing device with confidential information on it, (phone, tablet, computer), remotely wipe it clean yourself or ask your carrier for help with this if you can’t.
• Remove yourself from people directories to make your private online information difficult to locate. Basic information located online such as your birthday, mother’s maiden name, pet’s name and address can help a thief gain access your information by guessing your passwords and answers to security questions as they try to get into your accounts.
  • Use step-by-step tutorials to remove your information yourself or contact me for help.
• Set up or review the alerts you already set up on your financial accounts per the guidelines in the first part of this article.

It is important to recognize that once your social security number has been compromised, it will likely be compromised again and you unfortunately remain at risk permanently. As frustrating as this is, it’s not the end of the world. What it means is that you must develop good habits and always take steps to protect yourself. Dealing with identity theft is aggravating and takes an enormous amount of time. Anyone who’s had to deal with the financial or personal damages related to identity theft will agree that prevention is way better than cure!

Until next time,…Stay Cyber Safe.