How to Protect Identities If a Data Breach Targets a Credit Bureau

If your customers and employees have been fortunate enough to never have received any type of letter notifying them that their personal information was compromised, chances are high that it’s out there now. In one of the most extensive security breaches to ever be made public, Equifax announced that a recent data breach allowed hackers access to the records of approximately 143 million U.S. consumers. The information leaked primarily includes names, Social Security numbers, birth dates, addresses and, in some case, driver’s license numbers. Furthermore, the credit card numbers for about 209,000 people, and certain dispute documents for another 182,000 people, were also accessed.

It’s been revealed that hackers were able to exploit a U.S. website application vulnerability to gain access to these files. Equifax’s internal investigation shows that the unauthorized access occurred from mid-May through July 2017. This is a security risk for anyone who has their personal identifiable information (PII) out on the web because it allows fraudsters to now use the stolen PII to access their accounts online or create new ones.

Following any recent data breach, everyone should take measures to stay safe and secure on and offline. They should monitor all activities on their financial and credit card accounts, lock down their login information by using two-factor authentication, review any information from their insurance companies and/or explanation of benefits, and we strongly urge everyone to sign up for an identity protection service that includes credit and identity monitoring. However, everyone should be weary that not all monitoring services will protect them equally. We encourage individuals who are evaluating identity protection services, and businesses who are evaluating such third-party services to offer, to compare the monitoring capabilities and the quality of the customer service.

Comprehensive monitoring services should include internet surveillance, compromised credential monitoring, and credit monitoring.

The monitoring should also include alerts so that if a customer’s information is detected,they can quickly assess and work with resolution experts to minimize any impact.

Some recommended information to monitor includes:

• Social Security number
• Email addresses
• Date of birth
• Debit/credit cards
• Bank account numbers
• Insurance card/policy number
• Drivers’ license number
• Loyalty card numbers
• Affinity card numbers
• Passport number

After headline grabbing breaches like this, it’s also common for those affected to receive an influx of phishing emails supposedly from the organization breached or other trusted service providers. Consumers should be particularly watchful of such emails and consider investing in additional cyber protection, like that included in our online data protection suite.

Additionally, the time may come when your customers and employees will be on the receiving end of a recent data breach notification and will need the assistance of a resolution specialist, it’s critical to ensure that the protection includes a team of experts they can rely on. It’s in this service feature where most identity protection providers truly stand apart – some focus on maximizing calls per hour whereas others focus on quality of the care offered. We, proudly, are the latter. Our certified, award-winning Resolution Center teams are available 24/7, every day of the year to provide empathetic and patient assistance that puts people first.

And regardless of whether consumers already have an identity protection service to assist them, we recommend all consumers place a 90 day fraud alert with all credit bureaus. In some cases, this alert can even be extended to seven years at consumers’ request. This will prevent any creditors from opening a new line of credit in their name for the next 90 days (or seven years) without first contacting them for their approval. They can place an alert by calling 1.800.680.7289, selecting option 1, and following the automated prompt instructions.

Consumers may also want to consider taking the more stringent approach of placing a freeze on their credit reports with all three bureaus. Credit freezes prevent individuals’ credit from being pulled to open new accounts, which can prevent criminals from opening fraudulent accounts with their stolen information. Credit freeze availability varies under each state’s law and may require payment of a fee, the filing of a police report, as well as a waiting period when a consumer wants to unfreeze it to apply for credit in the future. Unlike fraud alerts, credit freezes stay in place indefinitely, until the consumer requests it to be removed. Consumers with identity protection can call the phone number in their program materials for assistance with this process or contact each credit bureau individually to place a freeze.

Recent data breach and cybersecurity incidents that are as wide-reaching as this often spur many consumers to look into identity protection services and companies to consider offering it to customers and/or employees. However, while most data breaches do not affect this large a percentage of the population, they occur much more frequently than most consumers might think. In fact, U.S. data breaches have increased at a record pace this year so far and they are predicted to reach an all-time high of 1,500 in 2017. This underscores the importance of consumers and companies taking a proactive approach to protecting identities before they’re affected by cyberattacks by investing in a quality identity protection service from a trusted provider.

To learn more about protecting your customers’ and employees’ data with Generali Global Assistance identity and digital protection, request a demo.