By Linda Deos
On Thursday, September 7, 2017, Equifax, one of the three major consumer credit reporting agencies, suffered a major cyber-attack. The Equifax data breach is one of the largest in our country’s history, affecting half of the United States population and nearly three-quarters of consumers with credit reports.
Chances are this affects you. Plus, the stolen information is the mother lode of sensitive personal data that can be used for identity theft: Social Security numbers, dates of birth, addresses and in some cases, driver’s license numbers. This information could be used for phishing schemes or other fraud.
So what can you do to protect yourself? First, get a free copy of your credit report from Equifax and from the two other major credit bureaus, Experian and TransUnion. These are available, free of charge, from annualcreditreport.com.
You can get a copy of your credit for free once each year. Second, put a security freeze on your credit file. A security freeze is the most effective measure against “new account” identity theft 
because it stops thieves from using your stolen information. Equifax is offering one year of its credit monitoring and identity theft prevention product in response to the security breach, which it states includes “the ability to lock and unlock Equifax credit reports.”
Be aware, however, that although one year of protection is helpful it won’t stop hackers from buying and selling the stolen information for years to come. And you will know when there has been an attempt to open a fraudulent account after the fact. If you do not want to get a freeze, there is also the option of putting a 90-day “initial fraud alert” in your credit report that tells businesses they should verify your identity before they issue credit. The initial fraud alert must be renewed every 90 days.
In closing, I must say that it is ironic that on the same day that Equifax announced this data breach, Congress was considering a bill that would dramatic reduce the consequences of violating the Fair Credit Reporting Act (FCRA) for the credit bureaus and other industry players. H.R. 2359, the so-called FCRA Liability Harmonization Act, was just heard yesterday by the House Financial Services Committee and would eliminate punitive damages plus limit class action damages under the FCRA.
While the FCRA may or may not be directly implicated by the Equifax data breach, we need stronger, not weaker, consequences when companies violate long-standing privacy laws, such as the FCRA. Credit bureaus, such as Equifax, should not be rewarded with reductions in legal accountability given these recent events
Linda Deos, Esq. is a Davis resident and a Consumer Protection Attorney
Be careful, I read where if you sign up for this service that “you may be limiting your rights to sue and be forced to take disputes to arbitration”.
http://money.cnn.com/2017/09/07/pf/victim-equifax-hack-how-to-find-out/index.html
Thank you Keith, for what I’ll nominate as PSA of the month… seriously…
I know my spouse ‘freaked’ when she heard the Equifax news… knowing there is a “but…” in what appears to be ‘a great offer!’, is valuable information/disclosure… thank you for passing this on…
I can’t help, tho’, noting you used a ‘cnn source’…
Yeah, CNN is sometimes a good source unless they’re reporting fake news about Trump.
In order to avoid accidentally agreeing to arbitration I recommend requesting your credit report via snail mail. It takes longer, but the possibility of waiving your 7th Amendment right to a jury trial is negated.
What I didn’t write yesterday is that the credit monitoring service offered by Equifax requires you to agree to arbitration – unless you opt out in writing within 30 days. A new rule by the Consumer Financial Protection Bureau would bar such forced arbitration clauses, but members of Congress have threatened to block the rule.
And what would the letter need to say to opt out? Are there any magic words?
Linda, I found this on the Equifax (https://www.equifaxsecurity2017.com/) web site today:
Would I still need to write a letter which would include something like this?