Three Things You Must Know About the Equifax Data Breach

143 million American consumers recently had their information exposed by a data breach at Equifax—one of the nation’s most prominent credit bureaus. So, if you have a credit report, your personal information may be at risk.

At this point, a lot about the breach remains unknown. However, there are a few things that have come to the surface. One of the most important things is that Equifax will not tell you if your information has been compromised. It’s up to you to determine if your personal information was accessed during this event.

Although it might seem like a nuisance, the importance of understanding the event, determining if you were affected and making a plan for the future is of the utmost importance. Equifax retains extensive information about its users, so this breach is much more serious than other major security events, such as the Yahoo and Target data breaches.

Below, you’ll find all of the information you need to gain a preliminary understanding of the event so you can understand if you might be at risk and safeguard yourself for the future. Although this article is not extensive in scope, it’ll provide you with the most important details you need to grasp the breach and learn about what you should do in response.

1. What Happened

According to Equifax, the breach started in mid-May and lasted through July of this year. During this timeframe, hackers accessed American’s names, Social Security numbers, driver’s license numbers, addresses and birth dates. Among the 143 million Americans that were affected, 209,000 people had their credit card numbers stolen.

[caption id="attachment_13389" align="aligncenter" width="943"]Equifax credit data breach 143 million affected Credit:[/caption]

The fact that the hack took place is troubling, but what’s more upsetting to many Americans is the amount of time it took Equifax to disclose the breach. On July 29, the hack was discovered. However, the breach was only made public knowledge six weeks later. This delay frustrates many consumers because one of the key aspects of protecting your personal information online is spotting and reacting to threats as soon as they happen. During this month and a half, consumers were in the dark instead of taking critical steps to protect themselves.

On September 13, Equifax updated its investigation of the breach, stating that they had identified a culprit. The credit bureau uses a framework named Apache Struts—an open-source platform that’s heavily relied on by banks, government agencies and large companies.

The framework had a flaw that enabled hackers to access personal information. This specific flaw was actually identified and addressed earlier this year, which is leading many to speculate that Equifax could have fixed the problem in March to prevent the mid-May attack.

Many Americans and larger organizations are perseverating over the details of the hack, but here’s the bottom line: the first response to this attack should be action. As time passes, more information and insight into the attack will surface.

For now, though, you should focus on determining whether or not you were affected. Criminals can immediately use the information they gained during the hack to do things like apply for a loan or take government benefits in your name. This event is extremely time-sensitive, so you should start to respond to it as soon as possible.

2. The Steps You Should Take

To determine if you were exposed in the breach, visit the Equifax website. Click on the tab that says “Potential Impact,” and enter your last name and the last six digits of your Social Security number. Once you enter this information, you will receive one of two messages.

The first message says “we believe that your personal information was not impacted by this incident,” and the second message reads “we believe that your personal information may have been impacted by this incident.”

Interestingly enough, whether you receive the first message or the second message, experts recommend that you take the same steps afterward. Even if you do not seem to be impacted by the incident, the fact of the matter is that you still might be. So, regardless of the response you receive, you should still follow the steps below:

According to experts , the first step to protecting yourself is freezing your credit. Starting September 11, Equifax decided to waive all security freeze fees for 30 days. So if you act now, you can start protecting yourself for free.

To freeze your history, load Equifax’s security freeze page , and provide your personal information. When you place the freeze, try and use a secured, personal Wi-Fi connection, not public Wi-Fi. The form requires several pieces of sensitive personal information, and if you submit them using a public Wi-Fi connection, there’s a higher risk of your data being stolen.

Another important thing to note is that the Equifax site has been experiencing delays. There is a chance that the first time you try to set up the freeze, it won’t work. If this happens to you, try and freeze your account again a few hours after your first attempt. It might take a few attempts for the freeze to be processed correctly on the Equifax’s site.

After you’ve frozen your report with Equifax, do the same with Experian and TransUnion. Unlike Equifax, these credit bureaus will charge you for the freeze. Paying to freeze your credit may be an inconvenience, but if it saves you from identify theft or another criminal attack, it will be well worth it. Overall, freezing your credit with all three agencies shouldn’t cost more than $60. To protect yourself effectively, you must apply for freezes at all three credit bureaus.

[caption id="attachment_13392" align="aligncenter" width="638"]Placing a security freeze on credit history Credit: LBC9[/caption]

After your credit reports are frozen, you can begin to check your credit card transaction statements for any unauthorized transactions. If any items are incorrect, you should report them to your financial institution right away.

If inaccurate information has made its way onto your credit report , you can write to all three credit reporting companies and tell them what information is inaccurate. If the information is indeed incorrect, the credit reporting companies will work with you to have it removed.

[caption id="attachment_13388" align="aligncenter" width="638"]Disputing inaccurate credit information Credit: SlideShare[/caption]

The last step you will need to take is to continually monitor your accounts for unusual activity. This long-term approach will allow you to ensure that your information is never successfully used against you—whether you prevent an incident next week or 15 years down the road.

3. Planning for the Future

Millions of Americans have had their personal information compromised in data breaches. Whether you’re among this group or not, at the end of the day, you should take steps to protect yourself against future data breaches.

When you start to safeguard your information, prioritize in order of importance. Some pieces of information need to be more closely watched than others. For example, you should put more precedence on protecting your Social Security number than your address.

[caption id="attachment_13387" align="aligncenter" width="257"]Data breach risk meter Credit:[/caption]

Another way you can protect yourself is to stick to using your credit for purchases. If your credit card information is used fraudulently, it often takes less time to recover the funds. Alternatively, if your debit card information is stolen, it is more difficult and timely to recover the funds because they come directly from your account.

Consider Automation

If the information above has you feeling slightly overwhelmed, you’re certainly not alone. Americans have more to think about and manage every day, and adding daily data breach prevention activities to your to-do list might be the last thing you’re interested in doing. Luckily, with the help of a specialized company, you can stay vigilant without having to personally check your information every day.

Here at MyFastPC we offer identity protection and fraud recovery services in partnership with EZShield and perform daily online monitoring activities for our clients. This way, users can rest assured that their information is not accessible on black market websites. This partnership also helps customers by monitoring their credit and alerting them if any changes are requested.

In the event of fraud or theft, this partnership will work with you through 24/7 customer support. They will also provide you with one of their US-based Certified Resolution Specialists.

Other benefits include an Online Identity Vault, which allows you to encrypt personal information; a Password Manager, which allows you to store your passwords and generate new passwords in an encrypted tool; and the End2End Defense® 32-step restoration process, which helps you discover, isolate and protect future fraud when your wallet is lost or stolen.

[caption id="attachment_13391" align="aligncenter" width="463"]How often do data breaches occur? Credit: IT Secuity Central[/caption]

Data breaches are all unique, but they’re certainly not uncommon. During a typical work day, 1,850,832 data records are lost or stolen. Fortunately, improving your data security is within your grasp.

To protect yourself today, freeze your credit reports with the three bureaus, check your reports for inaccurate data, monitor your bank accounts and start looking into options for automated protection. Taking these steps may seem like an inconvenience at first, but over time they are likely save you countless hours of stress. To get started, visit the Equifax website .

Featured image credit: Unsplash

Your Personal IT Team, Anytime, Anywhere!

24/7 Support

Explore Services

Get 24/7 Peace of Mind With Remote Tech support

We’ll help you with any question, concern or issue.

Get Specialist Assistance

About the author

Photo of Erik Fullmer

Erik Fullmer

Erik was raised in many places but has long since called Utah home. Rooted in mountains, he spends a lot of time with his dogs in the mountains and in the winter he skis… a lot.

Erik is actively earning the necessary certifications and training to become a certified AMGA Ski Guide.

With over a decade of content writing experience, Erik finds passion when writing for the tech and outdoor recreation industries.