The data breach at credit reporting agency Equifax affected 143 million Americans, giving hackers access to Social Security numbers, addresses, and credit file data. Identity thieves can use this information to destroy your credit, file fake tax returns and collect the refunds, and even hijack your medical data.
The Equifax breach is a reminder that everyone is potentially vulnerable to identity theft. But by changing some habits and spending a few hours improving your online security, you can greatly minimize your risk.
Here are eight simple ways to protect yourself and your personally identifiable information:
1. Make it harder for other people to get credit in your name.
One of the biggest risks of identity theft is that someone will take out loans or credit cards in your name and then never pay them. You may not find out until you're ready to buy a car or house, and by then your credit may have been ruined. Credit bureaus offer three ways to guard against this:
- A fraud alert means a lender is supposed to verify your identity before extending credit. Fraud alerts are free but must be renewed every 90 days.
- A credit freeze prohibits third parties from accessing your credit report. If a lender can't pull up a credit report, a thief usually can't get a loan or credit card in your name. There may be fees for placing freezes, and you'll need to ask the credit bureau to lift the freeze if you later want to apply for credit.
- A credit lock is similar to a freeze, but you can lift it yourself electronically. Credit locks may also have fees. Lenders may check any or all of the credit bureaus. To be safe, you must put alerts, freezes, or locks in place with all three: Equifax, Experian, and TransUnion.
2. Put passwords on your devices.
Cell phones, laptops, and tablets are easily lost or stolen. If you don't require a password to log in, then a thief has instant access to all your data.
3. Use stronger passwords.
Many of us are guilty of using the same, easy-to-remember password over and over. This is risky behavior, because if identity thieves figure out one password, it's not hard to get into more of your accounts. The strongest passwords are long and random. Consider using a password management app to create and keep track of them.
4. Set up two-factor authentication on your financial and email accounts.
Your bank probably requires this already—when you log in from a new location, you must type in a code that's texted to your cell phone. Check your account settings to make sure this is enabled on all your accounts.
5. Don't do your online shopping and banking at the local cafe.
When you use a shared computer or a business's WiFi connection, you don't know how secure the network really is. Use your own device and secured network instead.
6. Update your software regularly.
This includes antivirus software, your operating system, and anything else you use. Cyber threats change frequently, and many updates address security issues.
7. Don't give out personal information on the phone or through email or text.
If you get a call, email, or text from a retailer, charity, the government, or your long-lost cousin asking for personal information, there's a good chance it's a phishing scam—no matter how real it seems. Don't give out your info. If you think the request may be legitimate, separately look up the organization's phone number and follow up by phone.
8. Be careful about opening email attachments or clicking links.
Either of these actions can infect your computer with malware.
You don't have to be an IT expert to protect your personal data. Just be cautious when communicating or shopping online, and set up some simple security measures to protect yourself in the event your personal data is breached.