Equifax announces data breach

Equifax, one of the major credit reporting agencies, announced Friday, Sept. 8, 2017, that a breach occurred between mid-May and July 2017. The hackers accessed people’s names, social security numbers, birth dates, address, and some drivers license numbers, as well as credit card numbers. Equifax has set up a website for consumers to check if their information was exposed: https://www.equifaxsecurity2017.com/  Click the “Potential Impact” tab at the bottom of the page, enter your last name and the last six digits of your social security number. Please make sure you are on a secure computer and use an encrypted network connection. The website will let you know if you have been affected by the breach.DFR believes that Vermont financial institutions have maintained an extremely strong security posture, however, consumers need to be constantly vigilant.

Here are some steps consumers can take to help protect themselves after a data breach:

  • Check your credit reports from Equifax, Experian, and TransUnion — for free — by visiting annualcreditreport.com. Accounts or activity that you don’t recognize could indicate identity theft. Visit IdentityTheft.gov to find out what to do.
  • Consider placing a credit freeze on your files. A credit freeze makes it harder for someone to open a new account in your name. Keep in mind that a credit freeze won’t prevent a thief from making charges to your existing accounts.
  • Monitor your existing credit card and bank accounts closely for charges you don’t recognize.
  • If you decide against a credit freeze, consider placing a fraud alert on your files. A fraud alert warns creditors that you may be an identity theft victim and that they should verify that anyone seeking credit in your name really is you.
  • File your taxes early — as soon as you have the tax information you need, before a scammer can. Tax identity theft happens when someone uses your Social Security number to get a tax refund or a job. Respond right away to letters from the IRS.

Things financial institutions can do:

  • Confirm credit report information with customers – Before originating loans and before denying any loan, financial institutions should confirm your credit report information.
  • Additional security measures – If a customer informs a bank that they were one of the consumers whose information was stolen, the bank can code the customer account with a “red flag” to contact the customer at a pre-designated contact number or e-mail prior to opening an account, applying for credit, or making any changes on existing accounts. The customer can also contact the major credit reporting bureaus to put a fraud alert on their account.
  • Patch Management – Verify that all information technology and information security patches have been installed.