Updated September 2021

In September of 2017, the credit reporting giant Equifax announced some very unsettling news. The credit reporting agency experienced a massive data breach which unfortunately compromised the personal identifying information of approximately 143 million people.

Why This Breach Is a Big Deal

Data breaches have occurred with alarming regularity over the past several years. Insurance providers, hospitals, retail chains, online gaming services, and many other businesses have experienced cyber theft which compromised the personal information of millions. In fact, it almost feels as if you cannot turn on the news without hearing about a new breach of security.

The frequency of these data breaches can be desensitizing. It can cause you to drop your guard. That, however, could be a dangerous mistake — especially if your information has indeed been compromised in the Equifax breach.  

Equifax’s breach does not simply involve credit card information which you can easily change to prevent fraud. Instead, the breach could expose personal information you cannot change: names, Social Security numbers, dates of birth, etc.

There’s another danger as well. Criminals could potentially sit on your stolen information for years. This tactic could allow you to forget about the danger, before any actual fraud or identity theft is even attempted. So, if you were among the 143 million consumers compromised, your exposure to identity theft is now a long term risk.

Action May Be Needed. Panic Is Unnecessary. 

Now that you have digested the bad news, let’s talk about what you can do to protect yourself. Panic is not going to solve anything, but a solid plan can go a long way.

1. Find Out If You Are a Victim

Equifax maintains credit files on over 200 million consumers. Approximately 29% of you were fortunate enough not to have your personal information compromised. You can find out if you were exposed to the data breach here:

https://www.equifaxsecurity2017.com.

(NOTE: Equifax initially came under fire on social media and from several lawmakers, including New York Attorney General Eric Schneiderman (D), for including fine print in the terms of service on the above webpage which reportedly may have attempted to dupe consumers into waiving their rights to enter a class action lawsuit or to sue Equifax over the breach. Equifax has since changed their terms of service to remove the offending clause.)

2. One-Call Fraud Alerts

If you visit the website above and discover that your “personal information may have been impacted by this incident” then placing a fraud alert on your credit reports may be wise. You can easily place a one-year fraud alert on all three of your credit reports by requesting an alert with Equifax, TransUnion, or Experian.

Per the Fair Credit Reporting Act (FCRA), once any of the credit bureaus receives a request for a fraud alert they must communicate that request to the other two remaining bureaus on your behalf. They’re called one-call fraud alerts for that reason.

The FCRA also gives you the right to place an extended, seven-year fraud alert on your reports as well. However, you will first need to prove that you have actually been a victim of identity theft (aka someone has opened or tried to open a fraudulent account in your name). Both types of alerts are free under the FCRA.

3. Credit Monitoring

Equifax initially offered free credit monitoring (TrustedID) for one year to anyone who wants to take advantage of the offer. Now that the initial period of time has passed, you can’t take advantage of the offer. Yet you can still claim a free copy of your Equifax report (along with TransUnion and Experian reports) at AnnualCreditReport.com

Per the FCRA, you can claim a free report from each credit reporting agency once every 12 months. And right now, thanks to the coronavirus pandemic, you can download a free report from each bureau once a week.

Remember, if you want to truly keep an eye for fraud on your credit reports then you will need to monitor all three credit bureaus. Checking one report isn’t enough to protect you.

It has always been important to check, monitor, and review your credit reports for fraud and errors — and to do so often. If your information has been exposed in the Equifax data breach, that importance has simply become magnified for you more than before.

4. Credit Freeze

Fraud alerts have the potential to help your prevent identity theft and credit monitoring can help you to quickly discover fraud when it occurs. But if you want a tool which can help to prevent criminals from opening fraudulent accounts in the first place then a credit freeze is the biggest gun in your arsenal with which to defend yourself.

When you place a freeze on your file with a credit reporting agency, it takes your report out of circulation. This means no future lender will be able to access your reports. If a scammer tries to use your information to open a fraudulent account, the freeze will stop a lender from pulling your credit. Therefore, any future loan applications will most likely receive a denial. Almost no lender is going to approve a new application if they cannot review your credit.

In the past, there was a fee to freeze your credit report (under $10 per credit bureau at the time of the Equi-Breach). But a 2018 amendment to the FCRA — the Economic Growth, Regulatory Relief, and Consumer Protection Act — made credit freezes free.

However, unlike fraud alerts, you must place an individual freeze at each credit bureau. These links can help you place your requests:

Additionally, the credit bureaus also offer a service known as a “credit lock.” Equifax has even announced that it will be giving away credit locks for free to victims of the breach.

In the past, some credit bureaus have advertised credit locks are more convenient than freezes. Yet it is unclear whether or not they offer the same protections. Credit freezes are generally covered by state and federal law. So, they may offer you more protection in the event of a problem.

5. Keep It In Perspective

The truth is that identity theft is a growing crime. Fraudsters stole over $16 billion dollars in 2016 alone. That same year, approximately 15.4 U.S. consumers were victims of identity theft. Long before the Equifax data breach (and now for sometime afterward), your personal information may have been vulnerable to thieves in one way or another.

It has always been and will continue to be your personal responsibility to check your credit reports. And you should do so often. This habit matters because it can help you verify that your reports contain only accurate information about accounts you applied for and opened yourself.

If you ever discover fraudulent accounts on your credit reports, don’t worry. Identity theft stinks. But the Fair Credit Reporting Act (FCRA) gives you a long list of rights with a lot of teeth to help you recover.

Michelle Lambright Black is a leading credit expert, writer, speaker, and credit expert witness with nearly two decades of experience in the credit industry. She is an expert in credit reporting, credit scoring, financing (mortgages, credit cards, loans), debt eradication, budgeting, saving, and identity theft. She’s featured in print monthly with brands such as FICO, Forbes, Reader’s Digest, LendingTree, Experian, and more. Connect with Michelle on Twitter (@MichelleLBlack) and Instagram (@CreditWriter).