Capital One is the latest company to have its information systems breached, exposing the personal data of millions of Americans. This follows other major breaches including Equifax, and Marriott Starwood.
Therefore it’s becoming increasingly important for us to not only learn about what’s actually happened during these breaches, but also what steps we can take to protect ourselves in the future.
And here’s what it comes down to: when your personal information is exposed during a hack, you can quickly become the victim of identity theft. This is especially the case if your Social Security number or bank account information has been compromised, as was the case with the Capital One breach, or if your passport information was stolen, as was the case with the Marriott hack.
What happened during the hacks?
The Capital One hackers compromised the personal information, including the names, addresses, and phone numbers of approximately 106 million individuals in the United States and Canada. Additionally, in the United States, 80,000 bank account numbers and 140,000 Social Security numbers were compromised.
This came on the heels of the Marriot Starwood breach which compromised the information of up to 500 million customers of Marriott International. The attack had actually started four years earlier, exposing data including everything from credit and debit card information to passport numbers.
According to The New York Times, Marriot was one of the largest thefts of personal records ever reported. Because the data obtained during the hack hasn’t been found on the dark web, experts think that it was collected for intelligence purposes, not for use.
And then, of course, there was Equifax, one of the nation’s three major credit bureaus which was hacked in 2017. Approximately 143 million U.S. customers’ information was put into the hands of cybercriminals. The backlash against Equifax was especially harsh given the scale of the breach and, because, of all companies, we expect a credit bureau to protect this stuff.
What to do if you have been hacked
The best thing to do if you think you’re the victim of a hack and your personal information has been compromised is to check your information for identity fraud.
Lock down your account
With the Capital One, Marriot, and Equifax breaches, we’re guessing that you’ve likely heard a lot about fraud alerts and credit freezes.
Let’s first break down what it is: a fraud alert is a temporary measure that is supposed to prevent anyone from opening new credit in your name. You can set the fraud alerts online or by phone, and you’ll need to do it with each bureau.
A freeze works like a fraud alert, only it remains in place until you remove it. The credit bureaus may charge a fee to freeze your report, depending on your state. (After public backlash, Equifax has waived fees for freezing your Equifax report.)
It’s important to know that when you freeze your credit report, creditors and lenders can’t pull your credit report or credit score, so you won’t be able to apply for any loans. You can “thaw” your account with a unique access code each bureau will give you when you place the freeze. If you freeze your file, it’s critical that you don’t loose this code!
You’ll need to perform a freeze at each credit bureau individually. You can also do a security freeze online (if you trust it).
- Your full name, including your middle initial any generational suffix (e.g. Jr., II, etc.)
- Complete current address, and previous addresses for the past two years
- Date of birth, month, day, and year
- Social security number
- Proof of identification (e.g. a photocopy of your valid driver’s license, passport, state ID, military ID, or birth certificate)
- Address verification (e.g. utility bill, cell phone bill, pay stub. Do not send a credit cards statement, magazine subscription, voided check, or lease agreement)
- Payment (check, money order, or major credit card)—if this is required
Equifax Security Freeze
P.O. Box 105788
Atlanta, Georgia 30348
Experian Security Freeze
P.O. Box 9554
Allen, TX 75013
P.O. Box 2000
Chester, PA 19022-2000
Since Equifax has undergone a recent breach, you can visit their website for step-by-step instructions on freezing your credit.
Scan all bank statements
Many people don’t pay attention to their bank or credit card statements. But if your identity and information have been compromised, then you’ll want to make sure you set time aside each month to look for any charges that you don’t recognize.
Check your credit report
Look for any accounts that you don’t recognize, as these are a sign that someone has stolen your information and is opening accounts in your name.
Contact the police
Even though the local police probably won’t be able to do anything to help if you someone overseas has stolen your information, they can take your information.
This may help them if a local person has stolen your accounts and is also stealing information from others.
File a report
In addition to talking to the local police, you need to make sure that you speak to the professionals at the Federal Trade Commission. These experts will provide you with a recovery plan and forms and letters to help you dispute fraudulent charges.
Use a credit monitoring service
If you haven’t used a credit monitoring service in the past, then now is a good time to sign up for one.
These professionals can monitor the three major credit reporting companies and alert you when an account is opened in your name.
We recommend myFICO for the most accurate gauge of your FICO score, plus the most comprehensive criminal surveillance on the market.
Open new accounts
You’ll want to talk to your bank about how to avoid more damage in the future. They may recommend closing all of your accounts and opening new ones to ensure that you have accounts that have not been compromised.
Set up a fraud alert
Placing a fraud alert on your account will ensure that any company who pulls your credit knows that your account may be compromised and that your identity might be stolen. This should encourage them to take extra steps to verify the identity of a person using your information.
How to protect your credit card
Tim Parker at Investopedia came up with a few key steps to help minimize the damage if your credit card information is stolen and how to protect that information in the first place.
I’ll break them down below:
Get a new card right away
If you find that your information was stolen, make sure the company issues you a new card, and your old account is closed.
Monitor your account
Even if you don’t think anyone has stolen your credit card information, I recommend monitoring your account online all of the time. Make sure to check your account a few times a week and quickly scan for fraudulent charges.
Be aware of scams
While you don’t need to remain on top of all scams currently being used to get information from people, as long as you are aware of common scams (such as skimming), you’ll be better able to protect your information.
Also, make sure you don’t give out your personal information online or over the phone to someone who calls you.
Really, stop using ‘Password1’
“Your password is bologna1?”
“Used to be bologna, now they make you add number!”
Here’s the thing: You can’t help it if someone gets your personal information and attempts to hack your life.
But if they hack into your bank account because you use the same password across 100 websites—well, that one’s on you!
Security experts recommend frequent password changes, usually between 30 and 180 days. But let’s be real—we’re probably not going to change our passwords that often unless our IT guy requires it.
For starters, try to use a unique password every time. At the very least, use a strong, unique password for anything sensitive—email accounts, banks, investments, etc.
Finally, sign-up for two-factor authentication whenever it’s offered. Definitely, use it for your financial accounts!
Two-factor authentication simply means that you’ll have to enter a unique access code, in addition to your password, when you login from a new computer. You get the code either by text message or from an app that generates the new codes every minute or so. It’s not as cumbersome as it sounds, and it makes your accounts much safer.
Credit cards with the best security
A great way to protect yourself from identity theft and having fraudulent activity on your credit cards is to choose a credit card that offers great security features.
One of the best cards is the Citi® Premier Card.
Your card will automatically block any abnormal spending
Another card that offers great security features to its cardholders is the Citi Premier® Card. If they detect unusual activity, you’ll be sent an alert via text, email, phone, or mail, giving you the chance to confirm the transaction.
Thanks to the $0 liability guarantee, you won’t ever have to worry about paying for the charges that someone else makes with your stolen card.
These credit cards have chips in them that help ensure they’re safe to use in chip-enabled terminals across the globe. This advanced chip technology helps to keep your card safer than ever, so you don’t have to worry about your information being stolen at the terminal.
As you can see, data breaches such as Capital One, Marriott Starwood, and Equifax are becoming a more significant problem for all of us. And while you can’t guarantee that you won’t ever be affected, there are definitely action items that you can take to protect yourself and speed up the process of regaining your identity if it’s been stolen.