Data Breaches: How to Protect Your Information
Data breaches have, unfortunately, become very prevalent these days. There are important steps you can take to protect your information if it has already been compromised in a breach or even if you just want to be proactive in reducing your risk of identity theft.
- Freeze your credit. First and foremost, consumers should strongly consider freezing their credit before they are impacted by a data breach. A security freeze (also known as a “credit freeze”) locks your credit file so that no one can see your credit report or credit score unless you lift the freeze. Since lenders will not approve new credit if they do not have access to your credit file, it makes it nearly impossible for an identity thief to open a new credit account in your name. Note that you will need to temporarily lift the freeze (by providing a password) if you wish to apply for a new loan or credit card. To place a security freeze, contact each of the three credit reporting agencies:
If you do not want to freeze your credit, you should at least consider contacting the credit reporting agencies to place a fraud alert on your account. Fraud alerts are available to people who have been the victim of identity theft. With a fraud alert in place, a business must verify your identity before it issues new credit in your name. The fraud alert stays on your account for one year, as opposed to a credit freeze, which remains in place indefinitely unless you opt to remove it.
- Monitor your credit cards and bank accounts. Check your accounts regularly for any charges you do not recognize. If you suspect fraudulent activity, contact the financial institution right away to report it and have replacement cards issued. Also, if your statement does not arrive as usual, contact the financial institution to make sure that an identity thief has not changed the address on your account.
- Cancel any cards or financial accounts that were compromised. If someone fraudulently accessed your credit card, debit card or bank account, immediately contact the financial institution to report the fraud, cancel the compromised card/account and have a new one issued.
- Change online logins and passwords, if applicable. If your login information to a site was compromised, immediately create a new user name and password. If your previous password was one you had used for other accounts, change out those passwords as well to reduce the risk of those accounts being hacked.
- File your taxes early. Filing your taxes early, (as soon as you have all the information you need), is one of the best ways to protect yourself from tax identity theft. After a breach, a scammer may commit tax identity theft by using your Social Security number to file a tax return and steal your tax refund. Most victims don’t find out about the fraud until they go to file their tax returns and are informed that someone has already filed a return using their Social Security number.
- Check your credit reports. You can get free credit reports each year by going to annualcreditreport.com. Review your reports carefully. If you come across any accounts or collection items that you do not recognize, contact the credit reporting agencies to dispute the matter and get it resolved. Note that under federal law, you are entitled to one free credit report each year from each of the three major credit reporting agencies. Plus, as a Georgia resident, you are entitled to an additional two free credit reports per year from each of the reporting agencies. Please note that because of the financial impact of the COVID-19 pandemic, the three credit reporting agencies are now offering free weekly credit reports through December 31, 2022.
- Agree to Free Credit Monitoring. If the company responsible for a data breach offers free credit monitoring to people whose information was compromised, take advantage of it.
- Follow advice offered by the organization that was breached. Read over information provided on the website of the company that was breached as to exactly what type of information was compromised. Follow any specific advice they offer regarding how to protect your account and personal information. Always make sure you are dealing with the legitimate organization as sometimes scammers try to pose as a representatives from the breached company in order to trick you into providing sensitive information.
- Visit identitytheft.gov to report the fraud and get step-by-step instructions on actions to take based on what information of yours was compromised.