Money has partnered with CardRatings.com and ConsumersAdvocate.org, among other companies, for our coverage of credit card products. Money, CardRatings.com, and ConsumersAdvocate.org may receive a commission from card issuers. For example, Money receives a commission from Citi when you apply and are approved for a Citi product through the links on this site.
Opinions expressed here are the author's alone, not those of any bank, credit card issuer, airline or hotel chain, and have not been reviewed, approved or otherwise endorsed by any of these entities.
Credit bureau Equifax was left reeling after announcing on Thursday that a security breach may have compromised the social security numbers, birth dates, and other personal information of about 143 million U.S. consumers. That’s almost half the country.
As a safeguard, Equifax asked concerned users in its announcement of the breach to enroll in an identity theft protection system that many have found confusing and possibly unsafe. The system could also be so flooded with requests that it may not be functional at the moment. A Money reporter attempting to enroll was asked to provide his last name and last six digits of his social security number, then was told to return to the enrollment website in one week.
Making matters even worse, many consumers who have been able to enroll in the program were left frustrated because Equifax often cannot confirm that they have or haven’t been affected by the hack. Representatives at Equifax’s consumer service line are also unable to tell users whether their information has been compromised.
Equifax shares plunged 13% pre-market early on Friday.
Many took to social media to vent their frustration at the company, which said they learned of the incident more than a month ago but only reported it Thursday afternoon.
Bloomberg also reported that Equifax executives sold shares worth about $1.8 million in the days after the hack was discovered.
In the aftermath of a breach involving personal credit info, experts suggest immediately using your one free annual credit report from each of the credit bureaus (Equifax, Experian, TransUnion), which you can do via AnnualCreditReport.com, to check if someone has tried to apply for credit in your name. You should also place a free 90-day fraud alert with one of the bureaus, which will inform the other two. This alert tells lenders to confirm your identity before extending credit. You can also freeze your credit at each of the main credit bureaus, though doing so incurs a fee of $10.
CreditCards.com senior industry analyst Matt Schulz says that in today’s era of one hack after another, everyone should get in the habit of checking online credit card and bank statements once a week or so, to ensure that someone isn’t making purchases in your name. “We think nothing of checking Facebook or Instagram 10 times a day, but many think it is too much to ask to check your bank statements once a week,” Schulz said. “It’s not. It’s easy to do, doesn’t take long and can help you spot problems before they get out of control.”
Click here for more tips on what to do if you think you’ve been hacked.