The Equifax Security Breach: Protect Yourself & Be Aware of Scams

As widely reported, Equifax has experienced a data security breach which may impact more than 143 million U.S. consumers. Personal information at risk may include social security numbers, dates of birth, addresses, driver’s license numbers and credit card information (for approximately 209,000 consumers).

Northwest Bank suggests two actions for its customers:

Understand if you are impacted, and take steps to protect yourself.

  1. Equifax has established a self-service portal, where you can quickly and easily determine if you may have been impacted. Just click on “Potential Impact” and enter your last name and the last six digits of your social security number.
  2. If you are impacted, consider one of the many services available for ongoing credit file monitoring and ID theft protection. The Federal Trade Commission (www.ftc.gov) provides additional guidance on how to protect yourself.

For their part, Equifax is offering all U.S. consumers a one-year free subscription to its TrustedID Premier product. The company has clarified terms of this offer, reported after the breach was discovered, regarding the impact on consumer’s legal rights, and conversion of TrustedID Premier to a paid subscription after one year. Extensive Q&A’s are available on the Equifax site regarding the process and features of TrustedID Premier.

Be on the lookout for scams.

Unfortunately, criminals will often take advantage of security events to execute phishing attacks. There are several things you can do to protect yourself.

  1. Be alert to e-mails that appear to come from Equifax, or any company, that asks you to provide or confirm confidential information. As a security practice, legitimate organizations don’t do this. Because of the volume of victims, Equifax is notifying only the 209,000 consumers whose credit card information may have been affected via postal mail.
  2. Ignore anyone who uses scare tactics, by email or phone, and who threatens to disable an account or impose some penalty if you don’t verify information. If you aren’t sure, contact the company directly to confirm authentic requests.
  3. Remember some of the basics.
    • Ignore generic-looking requests for information, especially when they appear to come from organizations you don’t do business with.
    • Never submit confidential information vis forms embedded within email messages.
    • Don’t click on links unless you know they are authentic. Type web site URL’s directly to make sure it hasn’t been spoofed.