Protect Your Identity Following the Equifax Security Breach

Data security has been a hot issue for some time, however, the latest security breach at Equifax has left nearly half of all Americans exposed. In the wake of this troubling incident, many of us are left with questions pondering the safety of our personal information, and even our identity.

How could this security breach have happened?

Unfortunately, the best information we have received from Equifax is that the breach was due to a “website vulnerability”. What exactly this means is anyone’s guess. The important issue now is for all of us to protect ourselves in the safest manner possible.

What can someone do with my personal information?

To name a few of the numerous and frightening possibilities, an identity thief can open a line of credit, take out a prescription, and obtain a driver’s license. The results of the above theft include a ruined credit score, altered medical history, and costly tickets that could lead to a warrant for your arrest. This may sound very doom and gloom, but it’s a good reminder to stay alert and vigilant on all fronts.  

What are the odds my identity would be stolen?

The likelihood of becoming a victim of identity theft may not appear to be very high. However, according to a recent USA Today article, 2016 saw a record rate of identity theft - about 1 in every 16 U.S. adults were victims¹. With the sheer volume of data stolen in the recent breach, one can only expect this number to rise in the coming years. Unfortunately, it has increasingly become a question of not if, but when one may be affected by identity theft. Nevertheless, there are several actions available to keep your identity as safe as possible.

To begin, Equifax has offered one year of free credit monitoring service to all individuals, the details of which you can review here. There has been concern raised regarding your ability to pursue legal action against Equifax if you accept this service. In a 9/11/17 update from Equifax, they state that enrolling does not waive any rights to take legal action, and that language on the contrary has been removed from their Terms of Use. However, if you are uncomfortable enrolling with in Equifax’s credit monitoring, see our three trusted steps below. Then continue reading for our general security tips. For maximum protection and security, complete all steps as often as recommended.

First: Routinely check your credit reports and account activity

  • Free copies of your credit report are available once a year from each of the three main credit reporting agencies – Equifax, Experian, and TransUnion. They can be requested online here. Review these reports at intervals throughout the year. If any unusual activity is found, contact the credit agency immediately. As a service to our clients, Bluestem requests these free reports on a rotating schedule each year.
  • Take some time to review bank and credit card statements once a month. Contact the financial institution if you do not recognize any transactions, no matter how small.

Second: Place a Fraud Alert on your credit reports

  • Contact any one of the three credit agencies to inform them you are concerned about becoming a victim of identity theft and ask for a fraud alert. That agency must forward the alert to the other two agencies.
  • The alert will require any third party to take measures to confirm your identity before opening any new accounts in your name. This should include contacting you.
  • The alert will last for 90 days and can be renewed as many times as you would like. It is a free service.
  • If you have already been a victim of identity theft, you can request an extended fraud alert that lasts for 7 years. Alternatively, if you are in active duty with the military, you can request a fraud alert for 1 year to protect you while deployed.

Third: Place a Credit Freeze on your credit reports

  • While once thought of as an extreme measure to protect your identity, a credit freeze may be the best way to protect against identity theft given the likelihood your personal information was stolen in the recent breach.
  • When placing a credit freeze, you must complete with all three credit agencies separately. When needing to apply for a legitimate credit account, you will have to unfreeze your credit report with all three agencies.
  • There is typically a fee for both freezing and unfreezing your credit report, ranging from $3 to $10. The fee differs by credit agency, as well as by state. It is free for victims of identity theft and for individuals 65 years of age or older.
  • The three credit agencies also have credit report products that are intended to help you control your credit. Be wary, however, as these products typically cost a monthly subscription fee which can become quite expensive.

Contact information for the Credit Reporting Agencies




General Safety Tips

  • Fraudulent tax return filings have been on the rise. A good way to prevent this is to file your return early. The best protection is to obtain an IRS Identity Protection (IP) PIN number. Unfortunately, not everyone is eligible for an IP PIN; you must have either been a victim of identity theft or received a CP01A notice from the IRS. If you do apply for an IP PIN, remember that it will be required to file your tax return each year.
  • Update passwords regularly, make them complex, and avoid using the same password for multiple logins. Consider using a password manager such as LastPass to help with password management.
  • When available, use dual factor or multi factor authentication to the greatest degree possible. This ensures that even if your password is hacked you will have an additional layer of security.
  • Do not send sensitive information such as account numbers or social security numbers via email.
  • Be cautious of links included in emails. Do not click on links in emails or enter your credentials in pages linked from an unknown sender. Instead, go directly to the website and manually type the address or search on the site. 
  • Do not use security questions that have easily searchable or generic answers.
  • Do not use public Wi-Fi if at all possible. Hackers can use software that captures every character you type. It is best practice to never access secure websites or email on a public Wi-Fi network.
  • If you store any sensitive information such as social security numbers, credit card numbers, account numbers, etc., in external storage devices, ensure that the data is encrypted and in securely password-protected documents.

If you have been the victim of identity theft visit the Federal Trade Commission’s ID Theft website for thorough tips on how to respond.


1 USA Today article by author Bob Sullivan and published on February 6, 2017. (