The exposure of Americans' personal data has become an increasingly significant problem with the major breaches of Capital One, Marriott and Equifax. Here's how you can protect yourself.

Capital One is the latest company to have its information systems breached, exposing the personal data of millions of Americans. This follows other major breaches including Equifax, and Marriott Starwood.

Therefore it’s becoming increasingly important for us to not only learn about what’s actually happened during these breaches, but also what steps we can take to protect ourselves in the future.

And here’s what it comes down to: when your personal information is exposed during a hack, you can quickly become the victim of identity theft. This is especially the case if your Social Security number or bank account information has been compromised, as was the case with the Capital One breach, or if your passport information was stolen, as was the case with the Marriott hack.

What happened during the hacks?

The Capital One hackers compromised the personal information, including the names, addresses, and phone numbers of approximately 106 million individuals in the United States and Canada. Additionally, in the United States, 80,000 bank account numbers and 140,000 Social Security numbers were compromised.

This came on the heels of the Marriot Starwood breach which compromised the information of up to 500 million customers of Marriott International. The attack had actually started four years earlier, exposing data including everything from credit and debit card information to passport numbers.

According to The New York Times, Marriot was one of the largest thefts of personal records ever reported. Because the data obtained during the hack hasn’t been found on the dark web, experts think that it was collected for intelligence purposes, not for use.

And then, of course, there was Equifax, one of the nation’s three major credit bureaus which was hacked in 2017. Approximately 143 million U.S. customers’ information was put into the hands of cybercriminals. The backlash against Equifax was especially harsh given the scale of the breach and, because, of all companies, we expect a credit bureau to protect this stuff.

What to do if you have been hacked

The best thing to do if you think you’re the victim of a hack and your personal information has been compromised is to check your information for identity fraud. 

Lock down your account

With the Capital One, Marriot, and Equifax breaches, we’re guessing that you’ve likely heard a lot about fraud alerts and credit freezes.

Let’s first break down what it is: a fraud alert is a temporary measure that is supposed to prevent anyone from opening new credit in your name. You can set the fraud alerts online or by phone, and you’ll need to do it with each bureau.

A freeze works like a fraud alert, only it remains in place until you remove it. The credit bureaus may charge a fee to freeze your report, depending on your state. (After public backlash, Equifax has waived fees for freezing your Equifax report.)

It’s important to know that when you freeze your credit report, creditors and lenders can’t pull your credit report or credit score, so you won’t be able to apply for any loans. You can “thaw” your account with a unique access code each bureau will give you when you place the freeze. If you freeze your file, it’s critical that you don’t loose this code!

You’ll need to perform a freeze at each credit bureau individually. You can also do a security freeze online (if you trust it).

  • Your full name, including your middle initial any generational suffix (e.g. Jr., II, etc.)
  • Complete current address, and previous addresses for the past two years
  • Date of birth, month, day, and year
  • Social security number
  • Proof of identification (e.g. a photocopy of your valid driver’s license, passport, state ID, military ID, or birth certificate)
  • Address verification (e.g. utility bill, cell phone bill, pay stub. Do not send a credit cards statement, magazine subscription, voided check, or lease agreement)
  • Payment (check, money order, or major credit card)—if this is required

Equifax Security Freeze
P.O. Box 105788
Atlanta, Georgia 30348

Experian Security Freeze
P.O. Box 9554
Allen, TX 75013

TransUnion LLC
P.O. Box 2000
Chester, PA 19022-2000

Since Equifax has undergone a recent breach, you can visit their website for step-by-step instructions on freezing your credit.

Scan all bank statements

Many people don’t pay attention to their bank or credit card statements. But if your identity and information have been compromised, then you’ll want to make sure you set time aside each month to look for any charges that you don’t recognize.

Check your credit report

Make sure that you request a copy of your credit report from TransUnionExperian, and Equifax.

Look for any accounts that you don’t recognize, as these are a sign that someone has stolen your information and is opening accounts in your name.

Contact the police

Even though the local police probably won’t be able to do anything to help if you someone overseas has stolen your information, they can take your information.

This may help them if a local person has stolen your accounts and is also stealing information from others.

File a report

In addition to talking to the local police, you need to make sure that you speak to the professionals at the Federal Trade Commission. These experts will provide you with a recovery plan and forms and letters to help you dispute fraudulent charges.

Use a credit monitoring service

If you haven’t used a credit monitoring service in the past, then now is a good time to sign up for one.

These professionals can monitor the three major credit reporting companies and alert you when an account is opened in your name.

We recommend myFICO for the most accurate gauge of your  FICO score, plus the most comprehensive criminal surveillance on the market. 

Open new accounts

You’ll want to talk to your bank about how to avoid more damage in the future. They may recommend closing all of your accounts and opening new ones to ensure that you have accounts that have not been compromised.

Set up a fraud alert

Placing a fraud alert on your account will ensure that any company who pulls your credit knows that your account may be compromised and that your identity might be stolen. This should encourage them to take extra steps to verify the identity of a person using your information.

How to protect your credit card

Tim Parker at Investopedia came up with a few key steps to help minimize the damage if your credit card information is stolen and how to protect that information in the first place.

I’ll break them down below:

Get a new card right away

If you find that your information was stolen, make sure the company issues you a new card, and your old account is closed.

Monitor your account

Even if you don’t think anyone has stolen your credit card information, I recommend monitoring your account online all of the time. Make sure to check your account a few times a week and quickly scan for fraudulent charges.

Be aware of scams

While you don’t need to remain on top of all scams currently being used to get information from people, as long as you are aware of common scams (such as skimming), you’ll be better able to protect your information.

Also, make sure you don’t give out your personal information online or over the phone to someone who calls you.

Really, stop using ‘Password1’

“Your password is bologna1?”

“Used to be bologna, now they make you add number!”

Here’s the thing: You can’t help it if someone gets your personal information and attempts to hack your life.

But if they hack into your bank account because you use the same password across 100 websites—well, that one’s on you!

Security experts recommend frequent password changes, usually between 30 and 180 days. But let’s be real—we’re probably not going to change our passwords that often unless our IT guy requires it.

For starters, try to use a unique password every time. At the very least, use a strong, unique password for anything sensitive—email accounts, banks, investments, etc.

Finally, sign-up for two-factor authentication whenever it’s offered. Definitely, use it for your financial accounts!

Two-factor authentication simply means that you’ll have to enter a unique access code, in addition to your password, when you login from a new computer. You get the code either by text message or from an app that generates the new codes every minute or so. It’s not as cumbersome as it sounds, and it makes your accounts much safer.

Credit cards with the best security

A great way to protect yourself from identity theft and having fraudulent activity on your credit cards is to choose a credit card that offers great security features. 

One of the best cards is the Citi Premier® Card.

Your card will automatically block any abnormal spending

Another card that offers great security features to its cardholders is the Citi Premier® Card. If they detect unusual activity, you’ll be sent an alert via text, email, phone, or mail, giving you the chance to confirm the transaction.

Thanks to the $0 liability guarantee, you won’t ever have to worry about paying for the charges that someone else makes with your stolen card. 

Read our full Citi Premier® Card review

Card info has been collected by MoneyUnder30 to help consumers better compare cards. The financial institution did not provide or approve card details.


These credit cards have chips in them that help ensure they’re safe to use in chip-enabled terminals across the globe. This advanced chip technology helps to keep your card safer than ever, so you don’t have to worry about your information being stolen at the terminal.


As you can see, data breaches such as Capital One, Marriott Starwood, and Equifax are becoming a more significant problem for all of us. And while you can’t guarantee that you won’t ever be affected, there are definitely action items that you can take to protect yourself and speed up the process of regaining your identity if it’s been stolen.

Read more

Related Tools

About the author

Chris Muller picture
Total Articles: 279
Chris has an MBA with a focus in advanced investments and has been writing about all things personal finance since 2015. He’s also built and run a digital marketing agency, focusing on content marketing, copywriting, and SEO, since 2016. You can connect with Chris on Twitter.