In September, Equifax, a major credit reporting agency, announced one of the largest cybersecurity incidents in history in which hackers accessed personal information from 143 million of its customers. They gained control of the website and while federal authorities began to piece together the details of exactly what caused the Equifax cyber breach, it’s clear there was a flaw in the design used to build web applications. Perhaps most alarming is that Equifax admitted it was aware of the security flaw a full two months before hackers infiltrated its system. To make matters worse, the company waited more than a month to disclose the stolen information to its customers and shareholders.
This particular Equifax cyber breach, however, is noteworthy due to the massive amount of people affected, the extensive type of information accessed (Social Security numbers, addresses, credit card numbers, driver license numbers, and birth dates), and the very nature of the company itself – a major credit reporting agency. It leaves nearly half of all Americans vulnerable to identity theft, as thieves can destroy your credit with the personal information they stole.
So, what should you do now?
Remain calm and know that you’re not powerless. You can keep your personal information safe from breaches by taking action with these essential steps.
Immediate Credit Protection Must Dos
- Freeze Credit Scores. By freezing your credit report, potential creditors - or anyone for that matter - cannot access your credit report. This crucial line of defense decreases the risk of anyone impersonating you and opening new accounts or attempting credit or rental applications in your name. Lock your credit score at one of the three credit-reporting agencies:
- Carefully Monitor Credit. Especially disturbing about the Equifax cyber breach is the gap in time between when the attack began and when it was disclosed. For this reason, it’s critical that you check your credit report as meticulously as possible for any suspicious activity. The US government guarantees everyone access to a free annual credit report from one of the three agencies. While looking through your report, inform your credit card company’s fraud department if you notice any fraudulent charges, and do so in a timely manner to avoid being held responsible for any of them.
- Change All Passwords. Following a security breach, like the Equifax cyber breach, it’s safe to assume the hackers stole a large list of passwords. The use of weak passwords and the compounding problem of re-using them on other sites makes us more susceptible to hackers and emphasizes the importance of frequently changing passwords. It’s also crucial to fortify passwords in order to avoid future thefts. Potential victims should take the following steps:
- change passwords on all important sites
- turn on two-factor authentication on all site that allow it
- never re-use passwords anywhere
- use only good passwords; i.e. random lists of characters that alternate case and use numbers and punctuation
- change passwords often
- Consider a website like LastPass which produces complex passwords and stores them all in the cloud, allowing you to invoke them even from a compromised system. A lengthy password is central to this type of cloud-storing site, because it strengthens the password exponentially, especially if it’s loaded with a variety of symbols.
- Back Up Your Data. While we increasingly use cloud storage consider a portable back up drive as well. Hackers can easily access your iCloud, Google Drive, Dropbox, or OneDrive account and destroy your data. So for optimal protection, utilize a cloud backup service that constantly backs up your files in real time, but also purchase a portable drive as another precautionary measure. Then take the drive to another location, such as your workplace, a friend or relative’s house, or a safety deposit box. This will ensure your data is safe if there is a fire or another incident that causes severe damage to your home.
- Harden Vulnerabilities. Be sure to turn on the encryption on your computer to protect the hard drive. As a result, your data cannot be as easily compromised if your computer is stolen. Additionally, avoid online banking on a computer that you use to surf the Internet and consider purchasing a computer solely dedicated to online banking and other important financial transactions. An inexpensive laptop can keep your browsing activity and visits to social media sites entirely separate from sites that store sensitive financial information.
These precautionary steps are essential to protect your own personal information. Collectively, they make it more challenging for criminals to access personal information that could have disastrous consequences. Learn more about cyber risk.