A nonprofit publication of the Kentucky Center for Public Service Journalism

BBB Trends: Equifax credit reporting agency suffers serious breach of security — what do you do next?


By Sandra Guile
Better Business Bureau

Equifax, a major consumer credit reporting agency that aggregates data for both businesses and individuals, recently experienced a breach in security that lead to the release of the names, addresses, Social Security numbers, and credit card information of more than 143 million people in the United States. The massive data breach that put many at risk has people asking – what’s going to happen next? And what can I do to protect myself?

What’s Going to Happen Next?

One of the biggest questions people are asking is what’s going to happen to their information now that thieves have it. The most common scam that comes about because of a data breach is the imposter scam. Con artists pose as representatives of Equifax, claiming that they need to verify your account information. Because they already have most of the information they need, these scammers will sound incredibly convincing and can be difficult to distinguish from the real thing. They’ll most likely pressure victims for authorization to make an untraceable purchase for bogus services; since Equifax is known for credit monitoring, the scammer will probably mention something similar.

Additionally, the information released in the breach included enough details to easily find your contact information, so scammers may be able to gain access to your email address and cell phone number. They may reach out with phishing emails and text messages. Be wary of messages from unknown senders because any included attachments may contain malware and have the potential to infect your electronic device.

These thieves can also open credit cards, start online accounts, and make purchases with the information they’ve collected. Because it is so extensive, it makes it difficult for regulators to prove that you weren’t the one making the purchase, meaning months of frustration and documentation without the guarantee of resolution.

What Can You Do?

The thought of having your personal information out there for others to find is a frightening prospect, but it’s important to stay calm. You can take steps to prevent a bad situation from getting worse, and there are a few things to remember if you’re the victim of a data breach. First and foremost, you’re not responsible for any fraudulent charges made using your information! Most credit card companies are sophisticated enough in their identifying practices that they can tell what comes from you and what doesn’t. In fact, they’ll often contact you before allowing any suspicious charges to go through, notifying you of the problem.

Make sure to inventory all of your online accounts and update your passwords and usernames regularly – including the ones for your social media, financial institutions, and even your wireless router. Industry experts recommend passwords be between 10 to 12 characters long with a combination of upper and lowercase letters, and should include at least one number and one special character. Ideally, your passwords should be different for each website, and you should change them at least four times a year. If you need to store them, use a flash drive or external hard drive that isn’t connected to your wireless router.

Also, check your credit report if you suspect that something could be amiss. This will help you determine whether there have been any fraudulent purchases made with your card and you can dispute them with your credit card company. You should also consider freezing your credit; it prevents any new accounts from being opened under your name, reducing the risk of identity theft. There is a minimal cost associated with it, and the freeze has to be removed before opening a new line of credit like when you buy a car, refinance your mortgage, or purchase any big-ticket items.

How Can You Stay Safe?

After changing your usernames and passwords and checking your credit report, be vigilant in monitoring your financial accounts regularly. Review the files kept on your devices and delete any that are no longer necessary. Establish a system to backup any important pieces you would like to keep – like legal documents, insurance policies, and important family photos. Try to keep a copy of this information offline on a device that is stored in a waterproof and fire-resistant place.

Don’t trust what comes up on your caller ID, and avoid any unknown callers that come through your cell or home phone. Hang up on any robocallers or telemarketers that push for too much information, and don’t respond to any urgent messages on your answering machine from unverified sources. Report any suspicious emails or calls to the FTC and BBB’s Scam Tracker, and if you’re concerned that you’re the victim of identity theft, visit identitytheft.gov for recovery options.

BBB is hosting an event on September 26, 2017, for people interested in learning more about cybersecurity. Attendees can listen to advice from legal and ethical hacking experts on how best to protect themselves online, and they will have a chance to have any questions about cyberattacks answered by members of the panel. To attend [UNHACKABLE], visit hacker4hire.org.

Sandra Guile is the Community Outreach Specialist for BBB. She promotes BBB’s message of marketplace ethics through public speaking engagements, presentations, media relations, press releases, web content, and other written materials. Contact Sandra at (513) 639-9126 or sguile@cincinnati.bbb.org. Your BBB is located at 1 East 4th Street Suite 600 Cincinnati, Ohio 45202 – to reach the office, call (513) 421-3015.


Recent Posts

Leave a Comment