On Sept. 7, Equifax , one of the three major U.S. credit-reporting agencies, announced a breach that potentially affects 143 million American consumers’ personal data, including Social Security numbers. This breach reportedly occurred between May and July of this year. Given the enormousness of this incident and the increased frequency of large-scale data breaches, we should all assume that our personally identifiable information has been compromised.
Stanford urges members of the campus community to be continuously vigilant in monitoring their personal financial, health care and - possibly - other accounts. Criminal organizations have become increasingly sophisticated in their use of compromised data combined with other information publicly available online to generate disturbingly comprehensive portfolios of relationships, roles, accounts and credentials.
Please take a moment to review available resources and incorporate the following best practices into managing your personal financial accounts:
- Enroll in an identity theft protection service: Identify theft protection services provide credit monitoring and alert you of fraudulent activity on your credit record. The university offers identity theft protection services free of charge to all benefits-eligible employees.
- Proactively freeze your credit: The best protection against fraudulent accounts being opened in your name is to freeze your credit with the three major credit reporting bureaus. There might be a small fee associated with freezing your credit.
- Monitor your financial accounts: Routinely review your bank, credit card and other financial accounts for unauthorized activity and utilize available account monitoring features. Consider using a password manager to simplify the use of strong passwords that are unique to each account. Enable two-step authentication, which requires an additional identity authentication procedure following entry of your login credentials, on your accounts wherever possible. Review your account and/or security settings when logged in to your financial accounts to look for available two-step/enhanced authentication options.
- Monitor your Social Security benefits account: U.S. workers are currently eligible to apply for Social Security benefits when they reach the age of 62. Fraudulent claims of Social Security benefits are on the rise, with thieves impersonating individuals who are of retirement age but have not started to claim benefits. To protect against this type of fraud, proactively create a Social Security account and enable two-step authentication.
- Recognize phishing scams: Thieves will attempt to "phish” personal information and/or login credentials from you by impersonating a known individual or vendor. Following recent events, phishers may attempt to take advantage of consumers by offering identity protection services for those affected by the Equifax data breach. Remain alert to phishing by following best practices.
In addition to the best practices noted above, consult reputable news sources for additional tools and further information related to the Equifax compromise.