Equifax breach: ‘Stay calm, get the facts’

143 million were breached in Equifax heist

A cybercriminal (KOIN 6 News file graphic)
A cybercriminal (KOIN 6 News file graphic)

PORTLAND, Ore. (KOIN) — If you’re among the 143 million people whose personal information — including Social Security numbers and credit card numbers — were breached at Equifax, there are options you can take to protect the stolen information.

Equifax, one of 3 major US credit bureaus, was hit by a high-tech heist by cyber criminals who exploited a US website application to access files between mid-May and July of this year.

The theft obtained consumers’ names, Social Security numbers, birth dates, addresses and, in some cases, driver’s license numbers. The purloined data can be enough for crooks to hijack the identities of people whose credentials were stolen through no fault of their own, potentially wreaking havoc on their lives.

Equifax is encouraging customers to sign up for “credit file monitoring” and identity theft protection.

But Oregon Attorney General Ellen Rosenblum said:

Do NOT visit Equifax’s website to find out if your information was exposed or to enroll in Equifax’s credit monitoring service. The website’s terms of service potentially restricts your legal rights. Buried in the terms of service is language that bars those who enroll in the Equifax checker program from participating in any class-action lawsuits that may arise from the incident. And because the hackers gained access to the information through Equifax’s U.S. website, it is unclear whether the information you enter to determine if your information has been compromised (your last name and the last six digits of your Social Security number) will be protected from future breaches.

2. Check your credit report for inaccuracies. You can request your credit report for free from each of three reporting bureaus every year by visiting www.annualcreditreport.com or by calling 1-877-322-8228.

In short – Do not rely on Equifax to help you deal with this data breach.

Read AG Rosenblum’s full statement and consumer information here

Equifax Inc.
This July 21, 2012, photo shows Equifax Inc., offices in Atlanta.  (AP Photo/Mike Stewart)

Stephen Mayer, the Better Business Bureau marketplace manager for Oregon, told KOIN 6 News the first thing to do is find out if you’re affected by the breach. If you are, there are pros and cons to the fixes Equifax is suggesting.

“If you freeze your credit, you can’t apply for new credit or check your reports, but that means scammers can’t do any of that stuff, either,” Mayer said. “So it’s a good way to freeze it right in place, right now, assess the facts, see if you’ve been breached and then go from there.”

Mayer said if your card was breached and there are fraudulent charges, “don’t worry. The credit card companies are not going to hold you liable for that. So just stay calm and get the facts.”

Be cautious of any emails from 3rd-party companies offering to help you repair your credit, he said. “Scammers know about this breach just like we do, so they’re trying to take advantage of it, also.”

He also suggests people check their accounts frequently.

“Don’t wait for that written statement to arrive in the mail once a month. Sign on right now, see if there’s any fraudulent charges and then let your bank or credit card company know right away.”

The FBI, federal lawmakers and the Consumer Financial Protection Bureau are looking into the breach.

The Associated Press contributed to this report.