Equifax Breach Info & Resources
By now, you have probably heard that on September 7th, 2017, Equifax announced a cybersecurity incident involving consumer information. We quickly reached out to understand the situation and gather information that we are now sharing with you. We want to ensure you have the information you need regarding this incident:
According to Equifax, the cybersecurity incident that has the potential to impact 143 million U.S. consumers. Equifax has publicly provided two methods in which they will notify consumers, via direct mail (not email) notices as well as a website they have made for consumers to check if they have potentially been impacted.
If you have any concerns please feel free to visit their site or contact them directly if you receive a direct mail notice.
KECU strives to provide the highest level of service to our members and community and in doing so want to clarify some information for our members who have concerns. If you receive a phone call from someone identifying themselves as Equifax trying to confirm your information, do not speak with this person. In addition, do not respond to emails that appear to be from Equifax with attention grabbing subject lines. These are likely attempts to gather or confirm information from someone not associated to Equifax or simply a method to install malware or viruses on your PC.
According to Equifax, on July 29, 2017, Equifax identified a cybersecurity incident potentially impacting approximately 143 million U.S. consumers. Criminals exploited a U.S. website application vulnerability to gain access to certain files. Equifax discovered the unauthorized access and acted immediately to stop the intrusion. They promptly engaged a leading, independent cybersecurity firm that has been conducting a comprehensive forensic review to determine the scope of the intrusion, including the specific data impacted. They also reported the criminal access to law enforcement and continue to work with authorities.
What information may be impacted?
The information accessed primarily includes names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. Criminals also accessed credit card numbers for approximately 209,000 U.S. consumers, and certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers.
How might this affect you?
A cybersecurity incident exposing information such as Social Security numbers, birth dates, addresses and driver’s license numbers put individuals at risk for identity theft. This theft can result in cybercriminals using another’s identity to fraudulently apply for and open loans or credit cards, falsely change addresses with the IRS in order to file phony tax returns to collect refunds or apply for Social Security benefits. Some of these illegal activities could negatively impact credit scores, homeowner’s insurance premiums and coverage, and more.
Where can I learn more?
Equifax has provided the dedicated website www.equifaxsecurity2017.com and the following instructions:
• To see if you are potentially impacted, you can click on the Potential Impact Tab
• To enroll in complimentary identity theft protection and credit file monitoring services and how to find out if your personal information may have been impacted, you can click on the Enroll Tab.
• To learn more about the complimentary offering, you can click on TrustedID Premier Tab. TrustedID Premier provides you with copies of your Equifax credit report; the ability to lock your Equifax credit report; 3-Bureau credit monitoring of your Equifax, Experian and TransUnion credit reports; Internet scanning for your Social Security number; and identity theft insurance.
To speak to someone directly, Equifax has also established a call center at 866-447-7559, available every day (including weekends) from 7 a.m. – 1 a.m. EST, for individuals to ask questions.
What can I do to protect myself?
There are measures one can take to potentially curb the effects of identity theft.
• Pulling a copy of your credit report from all three credit bureaus (Equifax, Experian, and Transunion) should show existing credit and loan accounts in your name at the time the report is pulled. You’re entitled to one free report per year and it will not affect your credit score. Reviewing your credit report can help you be mindful of any erroneous reports due to financial fraud. That report can be pulled at https://www.annualcreditreport.com/index.action
• Put a freeze on your credit report. A security freeze is designed to prevent a credit reporting company from releasing your credit report without your consent. Know that using a security freeze to protect your personal and financial information can interfere or potentially prevent approval of any loan, credit, mortgage, insurance, government services or payments, rental housing, employment, investment, license, cellular telephone, utilities, digital signature, internet credit card transaction or other services, including extension of credit at point of sale.
Freezing your credit report requires reaching out to each individual credit bureau to initiate that process. Contingent on individual state law, fees for processing a credit report freeze may apply. Some states do not charge fees to victims of identity theft, however providing proof of eligibility may be required. According to the New York Times, Equifax is temporarily waiving all fees until November 21, 2017 for individuals wishing to freeze their Equifax credit files.
Instructions for initiating a credit freeze via the three credit bureaus can be found here:
o Equifax Credit Freeze or at https://www.freeze.equifax.com/Freeze/jsp/SFF_PersonalIDInfo.jsp
o Experian Credit Freeze or at http://www.experian.com/news/security-freeze.html
o Transunion Credit Freeze or at https://freeze.transunion.com/sf/securityFreeze/landingPage.jsp
• Put a lock on your credit report and/or consider enlisting the help of a credit monitoring service. Credit bureaus offer credit locks and/or monitoring services as an option to help protect your personal and financial information. A lock differs from a freeze in that locks allow you means to lock and unlock your credit. Monitoring services may send alerts to changes in your credit or suspected fraud. These services are subject to their own individual terms, conditions, and monthly fees may apply. Information for initiating these services per the three credit bureaus can be found here:
o Equifax Credit Monitoring Services or at https://www.equifaxsecurity2017.com/trustedid-premier/
o Experian CreditLock or at http://www.experian.com/consumer-products/creditlock.html
o Transunion Credit Lock or at https://www.transunion.com/credit-freeze/place-credit-freeze2
• Check your Social Security benefits statement at https://secure.ssa.gov/RIL/SiView.do. If you do not have an account, you will be prompted to create an account which requires verifying personal information, having an email address, a social security number, a U.S. mailing address and to be at least 18 years of age. There also exists the option to block electronic access to your Social Security record. The Social Security Online Services explains by blocking electronic access to your Social Security record that no one, including you, will be able to see or change your personal information on the Internet or though their automated telephone service. For more information on that, click here or go to https://secure.ssa.gov/acu/IPS_INTR/blockaccess
The information on this page is derived from governmental websites and is not intended as advice from Kentucky Employees Credit Union, but is intended only to share these sources of information and resources with you. If you have individual questions on the Equifax Security Breach or any rights you may have you should consult with your legal adviser.