Site icon Sophos News

Equifax: four simple steps to secure yourself

By now, everyone is aware of the Equifax data breach affecting up to 143m people in the USA, UK and Canada.

Sophos CISO Norm Laudermilch has put together four simple steps that you can take to make sure your family gets through this with identities and finances intact.

1. Check your credit report

Check your credit report immediately to make sure that you haven’t already been compromised.

In the USA everyone is entitled to one free credit report each year, from each of the major reporting agencies. Free report links can be found on each of their websites. You can go to the Annual Credit Report website to get reports from all three in one swoop instead of having to call them separately.

Unfortunately, the high volume of site visitors may cause delays. In that scenario, you can call 1-877-322-8228. Deaf and hard of hearing consumers can access the TTY service by calling 711 and referring the Relay Operator to 1-800-821-7232.

Instructions for checking your credit reports in the USA are available from the usa.gov’s Credit Reports and Scores page.

If you are in the UK, follow the instructions on how to check your credit reports on the gov.uk site.

Canadian citizens can order free credit reports from Equifax and TransUnion.

2. Ask Equifax if you’ve been affected

Equifax has provided a website dedicated to providing information about the breach and a tool for people in the USA to check if they have been affected by it. Equifax has not provided a similar facility for people in the UK and Canada yet. We will update this guidance when they do but in the meantime, it’s probably best to assume that you have been affected.

3. Consider ID theft protection

Consider using an identity theft protection service if you have been affected. Identity theft protection services LifeLock and IdentityGuard are both offering discounts and free months if you’ve been affected by a breach. Equifax is also offering its own TrustedID Premier service free for a year. Rumours that consumers waive their right to take part in future legal action if they sign up for the services are not true:

To confirm, enrolling in the free credit file monitoring and identity theft protection products that we are offering as part of this cybersecurity incident does not prohibit consumers from taking legal action … we will not apply any arbitration clause or class action waiver against consumers for claims related to the free products offered in response to the cybersecurity incident or for claims related to the cybersecurity incident itself.

4. Freeze your credit file

Freeze your credit with all four reporting agencies. A credit freeze stops the agencies from releasing your information to new creditors without authorization. While this doesn’t solve the problem of our leaked personal data, it does limit the potential impact of an identity theft incident. Fees for this service vary from state to state.

There are drawbacks: you will have to “thaw” the freeze for valid purchases like buying a new car or home. It is not a slick process – but the advantages outweigh the annoyances.

The cost to freeze your credit varies by what state you’re in. 

Here’s how you can freeze your credit file:

Exit mobile version