This isn’t going to be news to you. The fact that one of the three main credit repositories was hacked, swiping personal information from Equifax’s database of some 143 million consumers. That means someone somewhere has gleaned names, social security numbers, addresses and more from Equifax and it’s not a stretch to think 1) whoever did this was pretty good and 2) the stolen data will be used for nefarious, credit-related purchases. If you haven’t seen your credit report recently or perhaps you looked at a copy but paid more attention to your credit scores, you’re going to be surprised at the amount of information that appears on your credit report. What sort of information? Beyond the obvious identity information, your credit file also contains:
AKAs. If you’ve ever been known by any other name, such as a surname or a Bobby instead of a Robert, that’s probably in your report.
Location. Your credit report, primarily used for identity verification, also includes addresses of places you’ve lived.
Trade lines. This lists every credit line you’ve ever had over the past seven to 10 years including high balances, minimum monthly payments and any payments made more than 30, 60 and 90 days late. Collection accounts and judgements also appear as well as bankruptcy information
Inquiries. Inquiries either come at your behest or a potential creditor. When you apply for credit, this logs as an inquiry on your report. When potential creditors request your credit file to determine whether or not to send you a credit offer, this can also be logged.
Spouse’s credit.If you’re an authorized user on a spouse’s credit report this account too can appear in your file.
Okay, so what’s not in your hijacked Equifax file?
Employment. Your credit report won’t show where you work nor how much money you make. It also won’t show whether or not you’re currently unemployed.
Financials.Even though a credit application, especially a mortgage application, contains quite a bit of personal financial information, your net worth and other financials do not appear in a file.
Medical. Your private medical history is not in the file. But remember any delinquent medical collection accounts can appear, although mortgage lenders pay little attention to such accounts.
Okay, so now what?
The credit file swipe occurred over a relatively short period of time from the latter part of May through July, although it doesn’t take very long to retrieve digital data. In the stolen data, just over 200,000 credit card numbers out of the 143 million stolen. All this said, what should you do?
The first thing to do is log onto the site established to see if your information has been one of the 143 million stolen. In all likelihood, it has. If you’ve got any sort of credit it was probably reported to Equifax. The site is at www.equifaxsecurity2017.com. At this site, you’ll find a tab that reads “Potential Impact.” Click on that and enter the requested information. If you’ve been exposed, Equifax offers a free year of credit monitoring but quite frankly that might not mean very much at this stage.
Your second step is to review your credit report by accessing a freebie at www.annualcreditreport.com, a site established and supported by the three repositories, Equifax, TransUnion and Experian. Review your report and look for accounts that don’t belong to you. Immediately dispute any charges or accounts that aren’t yours.
At the same time, monitor your credit card and bank accounts for suspicious activity. You may want to cancel a card or switch to a new bank account but that’s a personal choice, not legal advice. If you’re suspicious or just don’t want to worry about it any longer, you can place a credit freeze on your account which makes it nearly impossible for a third party to open up a new account. One important note here, if you freeze your file then later apply for a mortgage, you’ll need to unfreeze the account so the lender can pull a report. TransUnion and Experian both have stated their systems are secure and monitored constantly. But you should still be vigilant and keep a sharp eye on the accounts you own.
You may also look into various credit monitoring services that can alert you when your credit file has been accessed by an unauthorized third party attempting to open up a credit account in your name.
Going Forward with Equifax
Individual lenders subscribe to the three repositories and both report consumer payment information as well as request credit histories on applicants who have requested credit. Who knows where Equifax will be one year from now and whether or not merchants will continue to report to them as well as tap into the Equifax database.
The issue many have is why it took Equifax so long to report the breach? The intrusion occurred from May through July but Equifax kept quiet about it. Equifax announced the hack September 7th, keeping silent for more than a month. Further, and more troubling, is the fact that certain Equifax executives who knew about the problem sold Equifax stock before they announced the problem. According to reports, thee executives sold shares worth nearly $2 million. Regulators will be looking into this “insider information” activity.
Consumer agencies have long held the importance of consumers monitoring their own credit at least once per year. Now maybe with a real-world example of such magnitude, no doubt more will be taking that advice.