By Linda Deos
On Thursday, September 7, 2017, Equifax, one of the three major consumer credit reporting agencies, suffered a major cyber-attack. The Equifax data breach is one of the largest in our country’s history, affecting half of the United States population and nearly three-quarters of consumers with credit reports.
Chances are this affects you. Plus, the stolen information is the mother lode of sensitive personal data that can be used for identity theft: Social Security numbers, dates of birth, addresses and in some cases, driver’s license numbers. This information could be used for phishing schemes or other fraud.
So what can you do to protect yourself? First, get a free copy of your credit report from Equifax and from the two other major credit bureaus, Experian and TransUnion. These are available, free of charge, from annualcreditreport.com.
You can get a copy of your credit for free once each year. Second, put a security freeze on your credit file. A security freeze is the most effective measure against “new account” identity theft because it stops thieves from using your stolen information. Equifax is offering one year of its credit monitoring and identity theft prevention product in response to the security breach, which it states includes “the ability to lock and unlock Equifax credit reports.”
Be aware, however, that although one year of protection is helpful it won’t stop hackers from buying and selling the stolen information for years to come. And you will know when there has been an attempt to open a fraudulent account after the fact. If you do not want to get a freeze, there is also the option of putting a 90-day “initial fraud alert” in your credit report that tells businesses they should verify your identity before they issue credit. The initial fraud alert must be renewed every 90 days.
In closing, I must say that it is ironic that on the same day that Equifax announced this data breach, Congress was considering a bill that would dramatic reduce the consequences of violating the Fair Credit Reporting Act (FCRA) for the credit bureaus and other industry players. H.R. 2359, the so-called FCRA Liability Harmonization Act, was just heard yesterday by the House Financial Services Committee and would eliminate punitive damages plus limit class action damages under the FCRA.
While the FCRA may or may not be directly implicated by the Equifax data breach, we need stronger, not weaker, consequences when companies violate long-standing privacy laws, such as the FCRA. Credit bureaus, such as Equifax, should not be rewarded with reductions in legal accountability given these recent events
Linda Deos, Esq. is a Davis resident and a Consumer Protection Attorney