Everyone should be worried about the latest cybersecurity breach.
Equifax, one of the main credit score providers in America, announced Thursday that the company was the victim of a large-scale hack that exposed the personal information, including Social Security numbers, of an estimated 143 million Americans.
Hackers gained access to names, Social Security numbers, birth dates, addresses and some driver’s license numbers. About 209,000 customers’ credit card numbers were also exposed, as well as dispute documents containing personal information for about 182,000 customers.
With a hack that could affect up to 44 percent of the American population, people are understandably anxious to find out if they are among the many whose information is now at risk of identity fraud or being sold on the black market, an underground online marketplace where criminals sell personal information that can be used to get credit cards, take out loans or make purchases.
“When this type of stuff happens, it’s like, ‘Oh, crap,’” Alex McGeorge, head of threat intelligence at the security firm Immunity, told Wired. “Your Social Security number doesn’t change, so this data is going to get resold on the black market and hold its value for a while.”
To find out if you’ve been affected, you can check on a website Equifax has set up in response to the hack: www.equifaxsecurity2017.com.
At the bottom of the page, the company directs you to a link titled “Potential Impact,” which allows you to see if your information is safe. The catch? You have to provide your last name and the last six digits of your Social Security number.
Several HuffPost staff members attempted this and received one of two messages: One confirms that the user was not affected by the breach and the other message sends the user a date for when they can enroll in the company’s credit-monitoring service, TrustedID Premier.
The latter message does not confirm whether or not the user was affected, and Equifax did not immediately return HuffPost’s request for clarification.
If you were given an enrollment date, take note of it. Equifax did not request any email addresses, which suggests that the company won’t reach out to you to remind you of it. Then, complete enrollment in TrustedID Premier to get a free year of protection to prevent identity theft, courtesy of Equifax.
In the meantime, you can also protect yourself by doing the following:
1. Freeze your credit.
Enabling a credit freeze restricts who can see your credit report, preventing lenders and others who you aren’t already familiar with from accessing your information. To do this, call one of the three major credit monitoring bureaus: Experian (888‑397‑3742), TransUnion (888-909-8872) and Equifax (888-909-8872).
2. Activate a free 90-day fraud alert.
According to the Federal Trade Commission, you are allowed to activate a free 90-day fraud alert with one of the three credit bureaus, which will make it harder for identity thieves to steal your information. You can also renew it after the 90-day period is over.
3. Check your credit report.
Although Equifax announced the security breach on Thursday, it discovered the actual breach on July 29. That means that hackers may have had personal information for a few months before they were caught. Check your credit report using a verified credit report company to see if there have been any accounts opened under your name without your permission.