On September 9th, I created a blog (What Should You Do about the Equifax Data Breach) and recommended that consumers who are concerned about the recent breach at Equifax (and more than 160 million of us should be concerned) should place a security freeze on their credit reports at Equifax, Experian, TransUnion, and Innovis, the major, worldwide credit reporting companies. This service is free, and it will help to prevent identity thieves and scam artists from opening new credit accounts under your name.
However, a freeze alone does not protect you from every threat posed by the Equifax fiasco. In addition to credit information, hackers also accessed Social Security numbers (SSN), dates of birth, and drivers license numbers. These data can expose you to other dangers besides fraudulent credit accounts. You should take the following four steps to protect yourself.
- Guard your Social Security benefits. If you are approaching age 62 go to “My Social Security” and create your account to help guard your benefits. Even if you don’t plan to collect anytime soon, having your legitimate account in place will keep a thief from doing it before you do and having your benefits sent to a fake account without your knowledge. Even if you’ve set up your account but haven’t visited the website recently, you should do so now, just to make sure everything looks as it should. Also, in June, the Social Security Administration instituted two-factor authentication; when you enter your username and password, the site will send a text to your mobile phone with a security code that you must enter. This prevents identity thieves from accessing the account, since they don’t have your phone to receive the code. If anything looks amiss, contact the Social Security Administration immediately.
- Protect your tax refund. Once they have your SSN, thieves can redirect your tax refunds to themselves. The best defense is a PIN from the Internal Revenue Service (IRS), which must be included with your return. However, the only way you can get a PIN is if you’ve previously had a fraudulent return filed in your name or if the IRS otherwise determines you’re an ID fraud victim or likely to become one. At present, the IRS hasn’t said whether those victimized by the Equifax breach will qualify for a PIN. But it’s a good idea to request one anyway by filing a Form 14039 Identity Theft Affidavit available at the Internal Revenue Service website.
- Make sure your health insurance benefits are covered. With some of the data exposed by the breach, fraudsters can steal your benefits from Medicare, Medicaid, or private health insurance by filing false claims in your name. You should get copies of your medical records from providers to establish a baseline that can then be used to root out fake claims. If your medical provider uses an online patient portal, you should log in and check it to make sure that you recognize all the providers listed and that the treatments shown were actually received by you.
- Secure your drivers license. Your state motor vehicle department can give you a copy of your driving record, usually for a fee of about $10. Make sure the record matches up with your recollections. To see if any bad checks have been passed using your drivers license number, request your free annual report from the three major check verification companies: ChexSystems, Certegy, and TeleCheck. If you find evidence of fraudulent use, file a police report and request that your state department of motor vehicles flag your license number, which will alert law enforcement of the possible fraudulent use by anyone with your license. Then, you should request a new license number.
For more information and resources, visit the Identity Theft Resource Center. And above all, be careful out there!