Most of you are already aware of the massive breach by Equifax. Just in case you are not, below is information regarding the breach as published by The Colony Group. Asbury Seminary is passing this information along to our employees, however, we are not endorsing it, nor taking responsibility for the information.
As you may have heard, Equifax, one of 3 large credit reporting agencies in the US, recently reported a security breach of data belonging to over 143 million American consumers. If you would like to see if you were personally affected, please follow this link.
We highly recommend that you follow the above link as soon as possible, and also consider checking (or passing on this email to) friends and family.
Additionally, you will find below a list of common questions and answers that you might find helpful.
Q: What steps should I take now?
- Equifax has established a dedicated website, equifaxsecurity2017.com, to help consumers determine if their information potentially has been impacted, along with an offer to enroll in a complimentary identity-theft protection and credit-file monitoring service. It may be difficult to know definitively if you have been impacted. We believe it is wise to assume that, if you are an adult living in the US who has ever applied for a mortgage, credit card, or utility service, your data is almost certainly a part of this breach. It may still be advantageous to follow the steps in order to sign up for the free credit monitoring offer.
- Immediately begin monitoring your credit reports. You are entitled to one free credit report per year from each of the three agencies (TransUnion, Equifax and Experian). At annualcreditreport.com(recommended by the FTC as the best source for checking your credit report) you will be able to easily access your report on-line for free. Do not pay for any offered services as you are interested just in the information and not any scores they might provide. Look for any accounts or addresses that are not yours on your report and then pay particular attention to any changes as you continue to monitor your report in the future. Also make sure you get any errors and any old accounts cleaned up to help prevent easy access to your credit. You can also utilize a credit monitoring service such LifeLock, IDShield, Identity Guard, or Credit Secure (or a number of other companies including the free one year offer from Equifax).
- Monitor your bank accounts and credit cards for signs of fraud. Immediately report any suspicious activity to your bank. Accounts should be monitored at least monthly.
- Seriously consider placing a credit freeze on your credit file. A credit freeze makes it much more difficult for anyone to open a new account in your name (though it also makes it more difficult for you to open new accounts in your name as each new account needs to be authorized using a PIN).
- If you decide not to place a credit freeze, at least place a fraud alert on your account. A fraud alert is intended to warn creditors that you may have been the victim of identity theft and asks them to verify the identity of anyone seeking credit in your name.
- The FTC also recommends filing your taxes early to make sure that someone else doesn’t file in your name to get a refund before you file your own tax returns.
Q: What should I do on an ongoing basis to try to protect myself from potential fraud or identity theft?
- Credit Freeze:A credit freeze prevents new creditors from accessing your credit report unless you lift or remove the freeze, either temporarily or permanently. Credit freezes can be placed with each of the major credit bureaus (and one small one) through these links: Equifax, Experian, TransUnion, and Innovis. There is a small fee for placing a freeze on your account. Another small fee will be charged each time you temporarily ‘unfreeze’ a credit bureau report (if you are opening an account or applying for a mortgage/loan, etc). For MA and RI residents:if you have been a victim of identity theft and you provide the credit reporting agency with a valid police report, it cannot charge you to place, lift or remove a security freeze.
- Fraud Alert:A fraud alert is a notification you may request that a nationwide consumer reporting agency place on your credit report that warns creditors that you may be a victim of identity theft. Think of a fraud alert as a “red flag” for those third parties that may consider extending you credit. Fraud alerts are free, and will still allow third parties access to your credit reports – however, if there is a fraud alert on your credit report, third parties will be encouraged to take certain steps to verify your identity before extending you credit. Once you place a fraud alert with one nationwide consumer reporting agency, it will be automatically placed with the other two nationwide consumer reporting agencies. Fraud alerts remain on your report for 90 days. You must renew it once the alert expires if you wish to keep an alert active on your report. Fraud alerts can be placed using these links: Equifax, Experian, TransUnion, and Innovis.
Q: What additional advice do you have to protect myself?
- Credit vs. debit cards:In general, protections for you are much higher with a credit card than a debit card so it may be wise to use credit for purchases, particularly when shopping online. If fraudulent transactions are made on your credit card account, there is no immediate financial hit while you straighten things out. However, if a debit card is compromised and a thief is able to withdraw dollars from your bank account, the money is gone from your account until you are able to get it restored.
- Create strong passwords:They should contain a mix of capital and lowercase letters, numbers, and symbols. Consider making your password a sentence that is at least 12 characters long (for example, I love jazz music) – many websites even allow the use of spaces. A unique password should be used for each of your important accounts.
- Fortify online accounts:Enable authentication tools, such as biometrics, and security keys. You can also connect a one-time password (OTP) generator to your accounts. Usernames and passwords often are not enough to adequately protect key accounts such as email and banking.
