Much has been written about the recent Equifax data breach. While I will share ways to keep credit data safe, I also will emphasize other common-sense precautions to keep online data safe.
A few weeks ago, an especially concerning security breach affecting 143 million Americans took place when Equifax, a leading online aggregator of consumer spending, personal and financial data, was hacked.
Soon after the Equifax breach, Yahoo revealed that the personal data and email IDs of 3 billion of its Yahoo Mail users had been compromised in 2013, not the previously reported 1 billion.
Aren’t these companies supposed to keep our data safe? And how do they collect so much information about us in the first place?
The three leading credit reporting firms are Equifax, TransUnion and Experian. Unfortunately, there is no way to opt out of their data collection. These companies hoover up all the personal and financial data of hundreds of millions of Americans and sell it to banks, employers and virtually anyone willing to pay for them – while selling our own data back to us, collected without our permission, for a fee! The credit scores and ratings are used extensively for employment, credit card applications, mortgages, car loans and many aspects of life.
So what is the hapless American consumer to do? While we can’t prevent hacks, we can take the following steps to safeguard our data.
• Check annualcreditreport.com. Credit reporting firms try very hard to shake down consumers to pay for some service or other. Legislation now enables consumers to request a free report annually from each of the three credit reporting companies. Download your free reports every year to make sure that no new credit cards or loans have been opened in your name without your knowledge. Do not confuse this with freecreditreport.com – it is a different site.
• Freeze your credit. You can freeze your credit with all three agencies. That means a potential employer or a bank checking your loan application will not be able to access your credit. While that may be a minor inconvenience, it also prevents the bad guys from accessing your credit history. If you are applying for a new mortgage, for example, you can always unfreeze your lock with the PIN number you received when you froze your credit. Both the freeze and the unfreeze may cost a nominal amount, but in some states they are free. If your data is already compromised and fraudulent accounts opened in your name prior to your freeze, then that is a separate problem.
• Use a credit-monitoring service. A credit-monitoring service will keep an eye on queries about your credit history, monitor any activity and warn you if a fraudulent account is being opened in your name.
• Use a virtual private network. VPNs are like secure tunnels through which your data can travel safely. You can get VPNs for both your computer and smartphone.
• Vary account passwords. Don’t use the same password for all of your accounts. Keep a list of your passwords in a safe place; use password aggregating software or apps that will remember your passwords for you.
• Safeguard your cellphone number. Your cellphone number is closely linked to your identity. Just like you would with your Social Security number, be careful about giving out your mobile number to faceless corporations on the web or online. One option is to use a Google Voice, Vonage, Skype or another such phone number tied to your mobile number so that you don’t have to disclose your actual cellphone number.
• Be careful what you post on social media. If your high school, name of the city you grew up in, street name and other details are easily accessible, security questions you have set up for your online accounts may be compromised.
• Use two-factor authentication. Use a password and a security question, or have a text with a number sent to your cellphone to require a second level of security to access your online account.
• Beware of public Wi-Fi hot spots. Never check financial or other sensitive information from a public Wi-Fi hot spot. A VPN can offer some level of security, but be extra careful, as some Wi-Fi hot spots may be “rogue” hot spots set up specifically to steal user data.