U.S. Senator Claire McCaskill, D-Missouri, says more than 2.5 million Missourians are impacted by a data breach of credit reporting agency Equifax. The cyberattack has potentially exposed the personal information of about 143 million Americans.
“Nearly half of all Missourians are potentially affected by this hack. While law enforcement investigates and we work with consumer protection agencies to hold those responsible accountable, Missourians should know they can take action to protect themselves and their identity, and my office has resources available to help,” says McCaskill.
Equifax is one of the largest consumer credit reporting agencies in the U.S. The personal information leaked earlier this month included names, Social Security numbers, addresses, birthdates, credit card information and driver’s license numbers.
McCaskill has also joined a bipartisan group of senators in calling for the Securities & Exchange Commission, Department of Justice, and Federal Trade Commission to investigate the sale of nearly $2 million in Equifax securities held by high-level Equifax executives shortly after the company learned of its massive cybersecurity breach.
She has been working with agencies like the Federal Trade Commission and Consumer Financial Protection Bureau to help Missourians address any problems as a result of compromised information. McCaskill suggests the following steps:
1. To see if your information may have been caught up in the breach, visit: www.equifaxsecurity2017.com
Using this website or taking advantage of Equifax’s free credit monitoring services, will no longer result in you losing your rights to sue Equifax at a later date. According to Equifax’s website, using the site or enrolling in the free credit file monitoring and identity theft protection products offered as part of this breach does not prohibit you from taking legal action against Equifax.
2. Change your passwords with Equifax, Experian, and TransUnion: If you have existing online accounts with Equifax, Experian, or TransUnion, change your passwords immediately. Changing your passwords regularly will help prevent hackers from accessing your accounts in the future.
3. Get your free, annual credit report and check for any signs of fraud:
Under the law, those affected are entitled to a free credit report from each of the three major consumer credit reporting agencies (Equifax, Experian, and TransUnion) once a year. Once you have your reports, you’ll want to look for: accounts you didn’t open, incorrect personal information, credit inquiries from companies you’ve never contacted, missing money or wrong amounts related to your credit, etc. If you think you’ve been a victim of identity theft, go to IdentityTheft.gov to file a report and get a recovery plan.
4. Consider freezing your credit:
By placing a freeze on your credit reports, you’ll prevent someone from opening new lines of credit or checking your credit score, if even they have all your personal information. You can place a freeze online at any time, but you’ll need to visit each of the three national credit reporting agencies’ websites:
Learn more about security freezes from the Consumer Financial Protection Bureau. The costs to place a security freeze vary state-by-state. In Missouri, it costs $5 per reporting agency to freeze your credit (or $15 total to freeze Equifax, Experian, and TransUnion), and an additional $5 per reporting agency if you want to temporarily lift the freeze in the future (a step you would need to take in order to apply for a new credit card, purchase a car, apply for an apartment, etc.). It does not cost anything to permanently lift your security freeze.
5. Place a fraud alert on your credit:
Unlike a security freeze, you only need to contact one of the credit reporting agencies to set up a fraud alert on your credit — that agency is then required by law to contact the other two. While it doesn’t lock down your credit like a freeze does, a fraud alert does require credit agencies to take additional steps to confirm it’s actually you opening credit in your name. You must renew a fraud alert every 90 days to keep it active.