After Equifax revealed that a “cybersecurity incident” has potentially exposed the personal information of 143 million Americans, the credit reporting agency set up a website to let consumers know if they may have been affected.
But many Americans, myself included, say the website has left them with more questions than answers.
What you need to know about Equifax’s data breach website
Money expert Clark Howard said this is “absolutely the worst data breach in the history of the modern era,” so it’s understandable why so many people rushed online to see if they had reason to worry.
When you go to EquifaxSecurity2017.com, the first thing you see is a recap of the headlines that have been making news around the world:
- Criminals exploited a U.S.-based website application vulnerability to gain access to certain files
- Unauthorized access occurred from mid-May through July 2017
- Information accessed primarily includes names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers
- Credit card numbers for approximately 209,000 U.S. consumers and certain dispute documents for approximately 182,000 U.S. consumers were accessed
- Unauthorized access to limited personal information for certain U.K. and Canadian residents
Next, Equifax says you can click on “Potential Impact” to find out if you could be affected and sign up for a year of free credit file monitoring and identity theft protection.
When I clicked on that link, I was asked to give my last name and last six digits of my Social Security number.
After filling out the required information, Equifax didn’t provide me with a yes or no answer about whether I was vulnerable. I tried a second time and got this response:
“Based on the information provided, we believe that your personal information was not impacted by this incident.”
Sigh of relief? Not so fast! I got a different answer the third time I tried. Equifax said my personal information may have been impacted by the incident.
So, was I affected or not? I still don’t have a yes or no answer, but it sounds like a maybe.
Equifax gave me an enrollment date to return to the site to sign up for TrustedID Premier, the complimentary identity theft protection and credit file monitoring.
I then called Equifax’s call center at 866-447-7559 for clarification, but the line was busy. Imagine that.
My next call was to Clark, who said you should not enroll in Equifax’s program! The breach is so severe that the criminals will be able to use this information for decades, so one year of TrustedID Premier won’t do you any good.
“My advice is don’t go to Equifax’s website. Assume you are affected and act accordingly,” Clark said.
In addition, TrustedID Premier’s terms of service state that you waive the right to participate in any future class action lawsuit, should one be filed.
Clark: The only answer is a credit freeze
In this case, the only answer is a credit freeze. It will cost you a few bucks to set up with Equifax, Experian and TransUnion individually, but a credit freeze will shut the criminals down cold.
A credit freeze allows you to seal your credit reports and use a personal identification number (PIN) that only you know and can use to temporarily “thaw” your credit when legitimate applications for credit and services need to be processed. The added layer of security means that thieves can’t establish new credit in your name even if they are able to obtain your personal information.
Freezing your credit files has no impact whatsoever on your existing lines of credit, such as credit cards. You can continue to use them as you regularly would even when your credit is frozen.
The cost ranges from about $3 to $10 per person per bureau to freeze a credit report, although a couple of states have higher fees. Here’s a state-by-state list.
If you won’t do a credit freeze, Clark suggests that you look into Credit Karma’s free credit monitoring.