I initially wrote about my take on the Equifax Security Breach about a month ago. In that time since, the news continues to come out about just how pervasive this hack was (and maybe continues to be). We were already on high alert for instances of identity theft. But the source, scope, and what seems like a justified feeling of betrayal associated with this particular breach have ushered in a new era of cybersecurity. There was before the Equifax security breach; now there’s after.
What does “after” look like, and how can we help you navigate it? Unfortunately, there is no one-size-fits-all regimen, but here are some of the most frequently cited actions we’ve seen, along with our commentary on them. Some of these were mentioned in my first post (repetition never hurts) but I have added some new thoughts as well.
What should you do right now?
- Check your credit reports using annualcreditreport.com. Keeping an eye on your credit reports has long been a best practice, and should continue to be, today more than ever. Be sure to only use annualcreditreport.com. As the website says, it is the only provider authorized by Federal law to provide you with the free annual reports that already are rightfully yours. Also, so you can obtain a free credit report more than annually, consider staggering the three primary agencies’ reports, selecting one to review every four months.
- File your tax returns as early as you’re able. This might sound strange considering that we are only a few days away from the extension deadline; however, January 1st, 2018 will be here before we know it. Plan to have your tax information organized and ready to go to your CPA. Filing early minimizes the opportunity for an identity thief to file a bogus return on your behalf.
This may not be practical for some of you, but the bottom line…if you can file earlier than later, do so.
- Consider placing a fraud alert or a freeze on your credit. Deciding which (if either) of these actions makes sense for you depends on your personal circumstances. For example, if you’re frequently applying for credit, placing a freeze may be impractical. On the other hand, if you have been a victim of identity theft, an alert might not suffice. In this instance, it’s worth reading through the advantages and disadvantages before determining your next steps. We’re here for you as well, to serve as an additional sounding board.
- Consider enrolling in a credit monitoring service. Equifax has offered to provide a year of free credit monitoring and identity theft protection via TrustedID Premier. We’ve seen mixed reviews on whether it makes sense to accept Equifax’s offer. First, there’s the whole trust issue raised by the recent breach. Plus, identity thieves have nearly endless patience, so one year of monitoring is only the beginning. That said, other independent services can be costly (especially if you’ve got an entire family to cover), and they may not ultimately offer much that you cannot do on your own if you so choose. It comes down to a cost/benefit analysis unique to you.
- Regularly change the passwords and PINs on your financial accounts. Like regularly monitoring your credit reports, periodically changing your financial account login information has been and remains a best practice. Quarterly or at least twice a year makes good sense to us.
Information fatigue is the enemy of action
We’ve seen other tips and pointers besides these, some of which may be advisable as well. To avoid informational overload, here are three guiding lights:
- Pace yourself. As with any seemingly insurmountable challenge, it may be best to take things one step at a time, lest you lock up and end up doing nothing at all.
- Patiently prevail. Approach your security as an ongoing process rather than a quick fix. After determining which actions make sense for you, set up a routine and a schedule for implementing them. Write down your plans, and then follow them.
- Partner with us. We won’t go into sensitive specifics here but, as financial advisors, we have long been taking strong measures at our end to protect against hackers and identity thieves. That said, no system is impregnable. The more aggressively we join forces to thwart cybercriminals, the more likely we will ultimately prevail.
So, how can we help you moving forward? If you’d like to consult with us as you think through some of the points we’ve touched on above, we welcome the conversation. We also ask you to be responsive when we reach out to you with security-related questions or suggestions. For example, earlier this year, we produced a quick-reference and more detailed overview, “Avoiding Financial Scams and Identity Theft Slams,” filled with perennial information and best practices. We’d be delighted to share those materials with you so just ask.
As this wise educator observed in reflecting on the Equifax breach, “Security isn’t a product. It’s a process.” Just as sensible investing involves taking appropriate near-term steps in the context of an ongoing, personalized plan, so too do we find it increasingly imperative to respond to this and future cyberattacks with upfront planning, well-reasoned action and continued best practices. Let us know how else we can assist with that!