Protecting Your Identity in the Wake of the Equifax Breach

As you are no doubt aware, Equifax, one of the three major credit reporting agencies, had a massive security breach affecting up to 143 million people. Data that has potentially been exposed includes social security numbers, dates of birth, addresses, drivers license numbers, and credit card numbers.

Before I go on note that this is an evolving story. The information and directions from Equifax will likely change over the ensuing days and weeks.

Further, it now seems likely that Congress will get involved and require a better response from Equifax and, by extension, the other credit reporting agencies.

But you don’t need to wait for the story to evolve before taking action to protect your identity. Below are answers to some common questions about Equifax as well as information on identity protection in general.

Will Equifax tell you if you were affected?

Yes and no. They say they will notify, via regular mail, the 209,000 people whose credit card numbers were stolen and the 182,000 people whose “personal identifying information” was affected. This is a small fraction of affected people.

These notices will be sent via regular mail. If you receive an e-mail or phone call from a company claiming to be Equifax don’t believe it.

Can you find out if you have been affected?

Yes. Equifax has set up a web site where you can determine if you are affected.  The address is:  (Once on the web site click on “Potential Impact.”)

The problem is that the website requires you to enter the last six (6) digits of your social security number. If you are like me you are  wary of entering this much of your social security number on-line to a company whose security was just breached.

Further, there have been reports that regardless of what you enter into the above portal (even false information) the response given by Equifax will be that you are affected. At the moment there is very little confidence in Equifax’s response.

What is Equifax doing for you?

Equifax is offering free enrollment in their TrustedID Premier security monitoring service.  This service includes social security number monitoring, credit file monitoring at all three credit agencies, Equifax credit reports, credit report locks (optional), and $1million of identity theft insurance.

There is no harm in signing up for this free service. Equifax is not requiring credit card information to sign up and will not automatically renew the service after the year has expired. And, contrary to initial reports, signing up for this service will not prohibit you from taking legal action or joining a class action suit at a later date.

You have until November 21, 2017 to sign up for TrustedID Premier. To sign up go to:

What should you do?

In many ways, it doesn’t matter if you were affected by Equifax or not. Data breaches have become part of the digital world and we must be vigilant at all times.

While this article was prompted by the Equifax data breach, protecting your identity was already and will continue to be of utmost importance. The information below could be considered “Best Practices” for Identity Protection.

Level 1 – Self Monitor

At the very least you should closely monitor all of your account statements for suspicious activity. In addition you should regularly monitor your credit reports.  You can obtain a free copy of your credit report from each of the three major credit reporting agencies (Equifax, Experian, and TransUnion) once every 12 months. You can do this by calling 1-877-322-8228 or going to the following web site:

My suggestion is to order one free report every four (4) months from a different agency.

Along with this, experts suggest that you opt out of receiving pre-screened credit offers.  You can do this by calling 1-888-5OPTOUT.

Level 2 – Fraud Alert

A fraud alert does not stop credit from being issued in your name, but it does require anyone wishing to extend credit in your name to take extra steps to verify that you are who you say you are. You can place a fraud alert at each of the three major credit reporting agencies by visiting their web sites.

The problem with fraud alerts is that they only last for 90 days. Note that an extended fraud alert (7 years) can only be placed on your account if you have actually been an identity fraud victim.

Level 3 – Security Freeze

A security freeze prevents anyone, including you, from opening a new account in your name. This means that you won’t be able to take out any sort of loan or be extended any credit while the freeze is on. That includes buying a home, getting a new credit card, getting a store card (i.e. Nordstroms), etc.

The good news is that you can un-freeze your accounts anytime you want.

The bad news is that freezing/un-freezing is not only cumbersome, but it costs money. For example, in Massachusetts it costs $5 each time you freeze or un-freeze your account.  Further you will need to freeze/un-freeze all three credit agencies.

For the moment Equifax is waiving the $5 fee to put a freeze on your account.  It is unclear if the other agencies will waive the fee as well – I’ve heard mixed reports on this.

Another very important item relative to freezing/un-freezing is that you will be assigned a PIN (by each of the agencies). You will need these PINs each time you freeze or un-freeze your accounts.  If you don’t have your PIN it will be cumbersome and take some time (weeks) to rectify the situation.  KEEP TRACK OF YOUR PINS!!!!!

To put a freeze on your account you can contact the credit agencies via telephone:

Equifax 800-349-9960

Experian 888-397-3742

TransUnion 888-909-8872

Additional Protection

You may want to consider enrolling in a permanent credit monitoring program with a company such as Lifelock ( This is a paid service that will constantly monitor your credit.  The cost is anywhere from $9.99 per month to $29.99 per month.

The three major credit agencies all offer similar paid services (such as Equifax’s TrustedID program).

I hope you find this information helpful.  Please feel free to contact me if you have further questions.

Best regards,




Daniel Traub

Download PDF

Return to Top

Return to Commentaries