What to Do If Your Social Security Number Is Stolen by a Hack
Health insurance company Anthem lost over 80 million medical records last week, including sensitive information such as social security numbers, email and physical addresses, and more. The fallout has already begun: Anthem customers have been bombarded with phishing attacks . If you’re an Anthem customer or just worried about the next hack, here’s what you need to do to protect yourself.
To add insult to injury, it looks like Anthem didn’t even encrypt the stolen data (although the law requires it). So if companies that are legally required to protect your data won’t do it, how can you fill in the blanks? Here are a few things you can do right now.
Put a fraud alert on your credit report
Including a fraud alert on your credit report warns lenders and lenders that every time they retrieve your credit report – for example, when renewing a new line of credit or a loan – they must take additional steps to verify your identity. Ideally, this means identity thefts that might try to impersonate you in order to open a credit card or bank account in your name will be blocked while you can work in semi-normal mode. Fraud alerts last 90 days, and unlike disputes or errors, you only need to contact one of the three major credit bureaus to receive fraud alerts on all of their reports. Here’s where to go:
After you post a fraud notice, you will also receive a free copy of your credit report from each of the three agencies. Save this report as you will need it to make sure nothing has been opened in your name yet. If everything is ok, use it as a guide in case something changes in the future. If you do see errors in the report, you can file disputes online immediately after submitting the fraud notification. However, as we mentioned, fraud alerts are only valid for 90 days, so you must request an renewal after that (often free if you’ve already been a victim of identity theft, but if not, fees may apply).
If someone has already used your Social Security number or other personal information to open accounts or look up your credit report, you have more work to do to protect yourself. Fraud alerts are your first line of defense, but if you’ve already been the victim of identity theft, here are a few more things you should do right now .
Keep a close eye on your credit
After you post a fraud warning on your credit report, the next thing you need to do is monitor your credit to make sure nothing out of the ordinary happens. Fraud alerts are great, but as we mentioned, they only last 90 days. Even if the company that lost your data offers you credit monitoring as a kind of consolation (like Target hack or Home Depot hack ), data thieves know how this process works. They will either release your data to the public and start phishing victims before the company can respond, or they will wait until the monitoring period expires and then strike.
If credit monitoring is free, then by all means use it. However, after your 90-day alert has expired, or after monitoring has ended, you will still need to keep a close eye on your accounts. You can apply for extensions, but they usually cost money and there is no reason to pay if you can monitor your credit more closely with real-time alerts and updates, completely free .
Combined with free services like Credit Karma or Credit Sesame that monitor your credit in real time for free, your bank and financial institutions probably already have security alerts and notifications that you just need to turn on yourself. Likewise, services like Mint and Personal Capital give you a 10,000 foot view of all your accounts at once and notify you if anything strange happens to any of them.
Freeze your credit report completely
If you are really worried or just want to take a more aggressive approach, you can block your credit report completely. Basically, a credit freeze means that no one , including you, can withdraw or change your credit report. This means the identity thief cannot open new accounts in your name … but it also means that you cannot either. This means that you will not be able to apply for an apartment, loan, or open a new credit card or bank account until you unblock it. Our friends at How-To Geek will explain in detail how the credit freeze works .
To request a freeze, you need to go here:
Freezing your credit report usually incurs a one-time fee. You can temporarily unlock your credit report and then re-freeze it later if you need to apply for something or get your own report, but that could be a process. To do this, you’ll need tons of identifying information (which you probably have anyway) and specific PINs from each bureau (which you set when you freeze). However, this blocking of your account means that no one can touch your report until you say so, which is quite a powerful tool.
Make sure your social security number remains yours
If your Social Security number was lost due to a hack – and if you are the anthem buyer and still remain – you can contact the Social Security Administration and Tax Office to make sure the attacker did not file a change request. addresses to get official documents sent to a new address (such as tax refunds) or to try to get a job in your name.
It may be too early to warn them, but it will ensure that they have all the information you need, help you understand what you should do if you suddenly start seeing a new address associated with your name, or if official documents that you expect appears to have disappeared in the mail. Likewise, the U.S. Postal Inspection Service has an online form that you can fill out if you think you have been the victim of mail-related identity theft, such as when someone filed for an address change so that your mail would be forwarded to them.
Hone your fraud detection skills
Obviously, these hacks are not your fault, so you couldn’t destroy the entire document or check a strong password to stop them. However, it is still important to remain vigilant. If your data is publicly available, you can expect potential thieves to call you, be it online phishing attempts, fraudulent emails, malefactor-in-the-middle attacks, or targeted hacking attempts . Make sure you can identify phishing and scam emails when they arrive, and that you are using a good password manager , preferably one that can notify you that one of your accounts has been compromised. Also, it doesn’t hurt to make sure you are using reliable, up-to-date antivirus and antivirus tools .
Similarly, once your personal data will be made available to other, social engineering is fast becoming a serious security issue . The thief may not have enough information to open a bank account in your name, but he may have enough information to call your bank and access your existing accounts. Use two-factor authentication wherever possible . Keep an eye on your spam folders and trash can and make sure you don’t see a sudden spike in password reset requests and other emails from institutions you are not familiar with or have no accounts with. Some of them are regular phishing emails, but many of them suddenly become suspicious and you should call this institution to find out what is going on.
Finally, protecting your identity is not limited to your computer. In most cases, identity theft occurs offline, in some cases with data obtained from the Internet. It’s also important to learn how to protect your offline data , and it’s a good reminder that shredding confidential documents, reporting lost or stolen documents, and of course, being wary of suspicious phone calls (even from companies you trust) when someone may try to get even more confidential information from you.
Cards are still in the air when it comes to hacking Anthem, but lawsuits have been filed and millions of people store their personal information online. Anthem says it will contact anyone whose information has been compromised “in the coming weeks” while they figure out how it all happened.
In the meantime, if you are an Anthem customer or have been in the past, there is a lot you can do. Even if you dodged a bullet this time, don’t wait for the next hack or someone else to protect your financial security and identity. It’s easy to do it yourself, and with a keen eye, you can stop any bad behavior before it even starts.