Protecting Yourself From Equifax

By Linda Deos

On Thursday, September 7, 2017, Equifax, one of the three major consumer credit reporting agencies, suffered a major cyber-attack. The Equifax data breach is one of the largest in our country’s history, affecting half of the United States population and nearly three-quarters of consumers with credit reports.

Chances are this affects you. Plus, the stolen information is the mother lode of sensitive personal data that can be used for identity theft: Social Security numbers, dates of birth, addresses and in some cases, driver’s license numbers. This information could be used for phishing schemes or other fraud.

So what can you do to protect yourself? First, get a free copy of your credit report from Equifax and from the two other major credit bureaus, Experian and TransUnion. These are available, free of charge, from

You can get a copy of your credit for free once each year. Second, put a security freeze on your credit file. A security freeze is the most effective measure against “new account” identity theft because it stops thieves from using your stolen information. Equifax is offering one year of its credit monitoring and identity theft prevention product in response to the security breach, which it states includes “the ability to lock and unlock Equifax credit reports.”

Be aware, however, that although one year of protection is helpful it won’t stop hackers from buying and selling the stolen information for years to come. And you will know when there has been an attempt to open a fraudulent account after the fact. If you do not want to get a freeze, there is also the option of putting a 90-day “initial fraud alert” in your credit report that tells businesses they should verify your identity before they issue credit. The initial fraud alert must be renewed every 90 days.

In closing, I must say that it is ironic that on the same day that Equifax announced this data breach, Congress was considering a bill that would dramatic reduce the consequences of violating the Fair Credit Reporting Act (FCRA) for the credit bureaus and other industry players. H.R. 2359, the so-called FCRA Liability Harmonization Act, was just heard yesterday by the House Financial Services Committee and would eliminate punitive damages plus limit class action damages under the FCRA.

While the FCRA may or may not be directly implicated by the Equifax data breach, we need stronger, not weaker, consequences when companies violate long-standing privacy laws, such as the FCRA. Credit bureaus, such as Equifax, should not be rewarded with reductions in legal accountability given these recent events

Linda Deos, Esq. is a Davis resident and a Consumer Protection Attorney

Enter the maximum amount you want to pay each month
Sign up for

About The Author

Disclaimer: the views expressed by guest writers are strictly those of the author and may not reflect the views of the Vanguard, its editor, or its editorial board.

Related posts


    1. Howard P

      Thank you Keith, for what I’ll nominate as PSA of the month… seriously…

      I know my spouse ‘freaked’ when she heard the Equifax news… knowing there is a “but…” in what appears to be ‘a great offer!’, is valuable information/disclosure… thank you for passing this on…

      I can’t help, tho’, noting you used a ‘cnn source’…

  1. Linda Deos

    In order to avoid accidentally agreeing to arbitration I recommend requesting your credit report via snail mail. It takes longer, but the possibility of waiving your 7th Amendment right to a jury trial is negated.

    What I didn’t write yesterday is that the credit monitoring service offered by Equifax requires you to agree to arbitration – unless you opt out in writing within 30 days. A new rule by the Consumer Financial Protection Bureau would bar such forced arbitration clauses, but members of Congress have threatened to block the rule.

    1. Dave Hart

      Linda, I found this on the Equifax ( web site today:

      No Waiver Of Rights For This Cyber Security Incident
      In response to consumer inquiries, we have made it clear that the arbitration clause and class action waiver included in the Equifax and TrustedID Premier terms of use does not apply to this cybersecurity incident.

      Would I still need to write a letter which would include something like this?

      Dear Equifax:

      I wish to inform you that I wish to opt out of any and all arbitration clauses or any other legal restrictions that affect my ability to pursue a financial recovery for any damage due to the data security breach of your database that was reported in September of 2017.


Leave a Reply

X Close

Newsletter Sign-Up

X Close

Monthly Subscriber Sign-Up

Enter the maximum amount you want to pay each month
Sign up for