Over the past few years, there have been an uncomfortable amount of instances where major companies were hacked into and their customer’s information has been stolen. The two most memorable are the Equifax breach, and the more recent Marriott Starwood hack.
It’s imperative for people to not only learn about what happened during these hacks, but also what steps they can take to protect themselves in the future.
When your credit card information is exposed during a hack, you can quickly become the victim of identity theft. Especially if your passport information is also compromised, as it was in the Marriott hack.
What happened during the hacks?
Equifax is one of the nation’s three major credit bureaus, and when they were hacked back in 2017, about 143 million U.S. customers information was put into the hands of cybercriminals. The backlash against Equifax was especially harsh given the scale of the breach and, because, of all companies, we expect a credit bureau to protect this stuff.
There’s a similar story with the Marriott hack. Hackers were able to access the information of up to 500 million customers of Marriott International. This attack began four years ago and exposed data which included everything from credit and debit card information to passport numbers.
According to The New York Times, this attack was one of the largest thefts of personal records ever reported. Because the data obtained during the hack hasn’t been found on the dark web, experts think that it was collected for intelligence purposes, not for use.
What to do if you have been hacked
The best thing to do if you think you’re the victim of a hack and your personal information has been compromised is to check your information for identity fraud.
Lock down your account
You have likely heard a lot about fraud alerts and credit freezes since the Equifax breach.
A fraud alert is a temporary measure that is supposed to prevent anyone from opening new credit in your name. You can set the fraud alerts online or by phone, and you’ll need to do it with each bureau.
A freeze works like a fraud alert, only it remains in place until you remove it. The credit bureaus may charge a fee to freeze your report, depending on your state. (After public backlash, Equifax has waived fees for freezing your Equifax report.)
It’s important to know that when you freeze your credit report, creditors and lenders can’t pull your credit report or credit score, so you won’t be able to apply for any loans. You can “thaw” your account with a unique access code each bureau will give you when you place the freeze. If you freeze your file, it’s critical that you don’t loose this code!
You’ll need to perform a freeze at each credit bureau individually. You can also do a security freeze online (if you trust it).
- Your full name, including your middle initial any generational suffix (e.g. Jr., II, etc.)
- Complete current address, and previous addresses for the past two years
- Date of birth, month, day, and year
- Social security number
- Proof of identification (e.g. a photocopy of your valid driver’s license, passport, state ID, military ID, or birth certificate)
- Address verification (e.g. utility bill, cell phone bill, pay stub. Do not send a credit cards statement, magazine subscription, voided check, or lease agreement)
- Payment (check, money order, or major credit card)—if this is required
Equifax Security Freeze
P.O. Box 105788
Atlanta, Georgia 30348
Experian Security Freeze
P.O. Box 9554
Allen, TX 75013
P.O. Box 2000
Chester, PA 19022-2000
Since Equifax has undergone a recent breach, you can visit their website for step-by-step instructions on freezing your credit.
Scan all bank statements
Many people don’t pay attention to their bank or credit card statements. But if your identity and information have been compromised, then you’ll want to make sure you set time aside each month to look for any charges that you don’t recognize.
Check your credit report
Look for any accounts that you don’t recognize, as these are a sign that someone has stolen your information and is opening accounts in your name.
Contact the police
Even though the local police probably won’t be able to do anything to help if you someone overseas has stolen your information, they can take your information.
This may help them if a local person has stolen your accounts and is also stealing information from others.
File a report
In addition to talking to the local police, you need to make sure that you speak to the professionals at the Federal Trade Commission. These experts will provide you with a recovery plan and forms and letters to help you dispute fraudulent charges.
Use a credit monitoring service
If you haven’t used a credit monitoring service in the past, then now is a good time to sign up for one.
These professionals can monitor the three major credit reporting companies and alert you when an account is opened in your name.
We recommend MyFICO for the most accurate gauge of your FICO score, plus the most comprehensive criminal surveillance on the market.
Open new accounts
You’ll want to talk to your bank about how to avoid more damage in the future. They may recommend closing all of your accounts and opening new ones to ensure that you have accounts that have not been compromised.
Set up a fraud alert
Placing a fraud alert on your account will ensure that any company who pulls your credit knows that your account may be compromised and that your identity might be stolen. This should encourage them to take extra steps to verify the identity of a person using your information.
How to protect your credit card
Tim Parker at Investopedia came up with a few key steps to help minimize the damage if your credit card information is stolen and how to protect that information in the first place.
I’ll break them down below:
Get a new card right away
If you find that your information was stolen, make sure the company issues you a new card, and your old account is closed.
Monitor your account
Even if you don’t think anyone has stolen your credit card information, I recommend monitoring your account online all of the time. Make sure to check your account a few times a week and quickly scan for fraudulent charges.
Be aware of scams
While you don’t need to remain on top of all scams currently being used to get information from people, as long as you are aware of common scams (such as skimming), you’ll be better able to protect your information.
Also, make sure you don’t give out your personal information online or over the phone to someone who calls you.
“Your password is bologna1?”
“Used to be bologna, now they make you add number!”
Here’s the thing: You can’t help it if someone gets your personal information and attempts to hack your life.
But if they hack into your bank account because you use the same password across 100 websites—well, that one’s on you!
Security experts recommend frequent password changes, usually between 30 and 180 days. But let’s be real—we’re probably not going to change our passwords that often unless our IT guy requires it.
For starters, try to use a unique password every time. At the very least, use a strong, unique password for anything sensitive—email accounts, banks, investments, etc.
Finally, sign-up for two-factor authentication whenever it’s offered. Definitely use it for your financial accounts!
Two-factor authentication simply means that you’ll have to enter a unique access code, in addition to your password, when you login from a new computer. You get the code either by text message or from an app that generates the new codes every minute or so. It’s not as cumbersome as it sounds, and it makes your accounts much safer.
Credit cards with the best security
A great way to protect yourself from identity theft and having fraudulent activity on your credit cards is to choose a credit card that offers great security features.
Check out one of these four options, and you’re sure to feel much better about using your card.