Are you a victim of the Equifax hack? Here’s how to find out
Why it matters to you
The Equifax hack is big and bad. Making sure your financial and credit data is as secure as possible is an important step to take in its wake.
The recently announced Equifax hack was one of the worst in recent memory, for its size and the scope of personal data made vulnerable. Because of that, Equifax itself and other organizations are looking to help people mitigate any damage done. First, though, you need to find out if you were affected or not.
How to find out if you were a victim of the Equifax hack
The best way to find out if you were affected by the hack is to use Equifax’s “Potential Impact” tool. Available directly from Equifax’s own site, it asks you to input your last name and the last six digits of your social security number.
While you might not feel too comfortable handing over that information to Equifax considering so much personal information was stolen, bear in mind that if you have used Equifax in the past, it already has that information on you.
Step 1 – Go to the Potential Impact tool page and click the “Check Potential Impact” button.
Step 2 – Input your last name and the last six digits of your social security number and complete the reCaptcha check.
Step 3 – The resulting screen will then tell you whether you were or were not likely to have been affected. Unfortunately, in our case, it looks like we were.
Equifax offers free protection, if you won’t sue
As you can see in the screenshot above, Equifax is offering any of its customers (whether affected or not) free identity protection for a year under the TrustedID Premier platform. You’ll be offered this after you complete the steps to check whether you’re a victim.
TrustedID Premier offers active credit monitoring at three major agencies — Equifax, Experian and TransUnion — social security number monitoring, and identity protection insurance for up to a million dollars.
Initially, the terms and conditions of the service suggested that those who enroll might waive their right to sue over the cybersecurity breach, either individually or as a class. However, Equifax has updated its website to clarify that the arbitration clause found in the service’s terms will only apply to the TrustedID protection itself, not prior issues, including the hack.
After conversations w my office, @Equifax has clarified its policy re: arbitration. We are continuing to closely review. pic.twitter.com/WcPZ9OqMcL
— Eric Schneiderman (@AGSchneiderman) September 8, 2017
Travis Mills, President of identity theft recovery service LibertyID, told Digital Trends that those who’ve suffered stolen data shouldn’t count on the service as the sole means of protection. “Their credit monitoring is not going to make a difference or provide a solution,” he told us. “You can’t be protected against data breaches, as yesterday proved.”
Further, he pointed out that “credit card fraud is just a fraction of the effect that ID theft can have on your life. The information that was lost in this Equifax breach is far and beyond just credit fraud.”
If you want to enroll in the protection offer, you can learn more about it on the Equifax page. Once signed up, you’ll be given an enrollment date for when your protection will officially begin.
If you would rather not use Equifax’s own ID protection scheme or simply don’t want to waive your right to sue just yet, security experts like KrebsOnSecurity are recommending you freeze your credit files. While that will make it more complicated when you need to sign up for a new credit card, car finance, or any instance where your credit must be checked, it also becomes a pain in the neck for anyone looking to use your identity to take out loans in your name.
You will need to put the freeze on with each of the major credit report companies — Equifax, Experian, Innovis and TransUnion — but it is a solid preventative step to stop the Equifax hack from affecting you too heavily. For more information on credit freezing, check out Krebs’ FAQ on the matter.
What else can you do?
If you, like us, were affected by this hack and, your personal information was possibly accessed, there are a couple of options you have and some general advice that’s worth taking.
For starters, maintaining a keen eye on your personal information, finances, and credit reports — here’s how to check them — in the near future will help stop any identity fraud in its tracks. Although that’s a good idea in general, doing so now is more important than ever.
You can request free credit reports from all of the major organizations in one place using AnnualCreditReports‘ online system.
As well as keeping an eye on this story as it evolves, and monitoring your own financial statements and credit reports, you should use good security practices and have unique passwords and login information for all online services. If you are ever concerned that some of your details have been compromised in other hacks, the HaveIBeenPwned website is a great resource to find out.
Don’t forget to keep yourself safe from ransomware too. For tips on how, check out our handy guide.
Update 12:30 PM 9/8/2017: Clarified arbitration clause in TrustedID’s terms and conditions.