Editor's Note: This article has been changed to clarify the relationship between Cathy Scrivner and LegalShield.
SOUTHERN INDIANA — You may have heard about the Equifax data breach back in September, when the credit reporting company first made the incident public. The breach compromised the personal information of 145 million people, about 44 percent of the U.S. population. Maybe you meant to do something about the news, but forgot as daily life marched on.
Cathy Scrivner, a local independent associate for LegalShield, wants to remind you about the hack.
“This is a big daggone deal,” Scrivner said at a One Southern Indiana 8 O’clock Network event on Wednesday.
That’s because the hackers stole so much information. As one of the three finance corporations that can assign a FICO credit score, Equifax stores their customers' first and last names, Social Security numbers, birth dates, current and past addresses and drivers' license numbers.
With that information, hackers can become you, Scrivner said. That means they can file your taxes, create all kinds of accounts, commit a crime and give away your information — “whatever the case may be,” she said.
Even if you never signed up for Equifax, you may have been compromised.
How it happened
Equifax, a multi-billion dollar company, was actually infiltrated back in May. The company did not install a security patch on its computers that it should have.
The patch was released in March, and it would have taken less than 30 minutes to install, said Rick Taylor, a principal at Mountjoy Chilton Medley who advises different companies about cyber security.
“…The company didn’t do a very basic thing that they should be doing every day to protect themselves,” he said.
Equifax discovered the breach on July 29, but the company waited over one month to inform the public.
What to do
Most people heard about Equifax in September, but that doesn’t mean you can’t do anything about the breach today, over two months later, Scrivner said.
“[The hacker(s)] may be doing something now or they may sit on it and wait for a year,” she said.
Diane Kilner, who attended the 1si event, said she checked her credit score after she learned of the hack, but has yet to do more. Scrivner would recommend that she does.
Many experts say that you should place a freeze on your credit report to protect yourself. That prevents an identity thief from opening accounts in your name, according to the Federal Trade Commission. (Most creditors need to see your report before they approve a new account).
You can do that by contacting all three of the credit reporting companies: Equifax, Experian and TransUnion. They will ask for your name, address, date of birth and Social Security number.
But Scrivner only recommends freezing your account if you’ve settled down in life. Credit freezes can be temporarily lifted or removed if you need to take out a loan, but you need to contact the reporting companies and it does require a fee. Scrivner’s preference is a credit alert, which allows creditors to get a copy of your credit as long as they verify your identity. Alerts are free.
Taylor also recommends that you constantly monitor your accounts for signs of fraud. If you catch a thief, you can work to remedy their damage. But that’s difficult, too.
Scrivner estimates that it takes a minimum of 200 hours and six to 18 months to restore your identity after its stolen.
“…It’s a nightmare to try and fix,” she said.
There are 120 companies that offer identity theft products to help you restore your identity, she said. Some just promise to assist you with any issues. They give you your own literature to solve the problem. Other companies insure you.
But LegalShield, the business that Scrivner is an independent associate for, provides an identity theft service called IDShield that solves your identity theft problems for you through limited power of attorney.
But Scrivner also preaches identity theft prevention. There are “so many different ways” to keep from becoming a victim of identity theft:
• Don’t use your cell phone to store personal information;
• Keep your computer browser software up to date;
• Never use email to communicate sensitive information;
• Check your credit report on a regular basis;
• Be careful using public Wi-Fi;
• Use wireless security at home;
• Don’t use obvious passwords;
• Create a Social Security account (if you’re over 18);
• Place a credit fraud alert or freeze;
• Set up online access for all important accounts so a thief can’t do it;
• File your tax return as early as possible.