The Equifax Data Breach - What you need to know now

This data breach was especially egregious because the company reportedly first learned of the breach on July 29 and waited roughly six weeks before making it public (hackers first gained access between mid-May and July) and three senior Equifax executives reportedly sold shares of the company worth nearly $2 million before the breach was announced.

DOWNLOAD: FREE Ebook - Income Tax Return Fraud and Identity Theft

Moreover, as CNN points out, consumers don't choose to do business or share their data with Equifax; rather, Equifax — along with TransUnion and Experian, the other two major credit reporting agencies  — unilaterally monitors the financial health of consumers and supplies that data to potential lenders without a consumer's approval or consent.

As reported in the Wall Street Journal, Equifax has faced widespread criticism following its disclosure of the hack, both for the breach itself and for its response, particularly the website it established for consumers to check if they may have been affected. Both the FBI and Congress are investigating the breach. In the meantime, here are answers to questions you might have.

1. What's the deal with the website Equifax has set up for consumers?

Equifax has set up a website, equifaxsecurity2017.com, where consumers can check if they've been affected by the breach. Once on the site, click on the button "Potential Impact" at the bottom of the main page. You then need to click on "Check Potential Impact," where you will be asked to provide your last name and the last six digits of your Social Security number — a request that was widely mocked on social media as being too intrusive when the standard request is for only the last four digits.

Equifax has stated that regardless of whether your information may have been affected, everyone has the option to sign up on the website for one free year of credit monitoring and identity theft protection. You can do so by clicking the "Enroll" button at the bottom of the screen. Note: Just clicking this button does not mean you're actually enrolled, however. You must follow the instructions to go through an actual enrollment process with TrustedID Premier to officially enroll.

The New York Times reported more wrath was directed at Equifax when some eagle-eyed observers noted that enrolling in the free year of credit protection with TrustedID Premier meant that consumers gave up the right to join any class-action lawsuit against the company and agreed to be bound by arbitration. But an Equifax spokesperson has since stated that the binding arbitration clause related only to the one year of free credit monitoring and not the breach itself; Equifax has since removed that language from its site.

2. What is TrustedID Premier?

Equifax's  response to the data breach is to offer consumers one free year of credit file monitoring services through TrustedID Premier. This includes monitoring reports generated by Equifax, Experian, and TransUnion; the ability to lock and unlock Equifax credit reports with a credit freeze; identity theft insurance; and Social Security number monitoring.

According to the New York Times, consumers who choose to enroll in this service will need to provide a valid email address and additional information to verify their identity. A few days after enrolling, consumers will receive an email with a link to activate TrustedID Premier. The enrollment period ends November 21.  After the one free year is up, consumers will not be automatically charged or enrolled in further monitoring; they will need to sign up again if they so choose (some initial reports stated that consumers would be automatically re-enrolled after the first year).

3. What other steps can I take?

It is always a good idea to monitor your own personal information and be on the lookout for identity theft. Here are specific additional steps you can take:

• Fraud alerts: Your first step should be to establish fraud alerts with the three major credit reporting agencies. This will alert you if someone tries to apply for credit in your name. You can also set up fraud alerts for your credit and debit cards.
  
  
• Credit freezes: A credit freeze will lock your credit files so that only companies you already do business with will have access to them. This means that if a thief shows up at a faraway bank and tries to apply for credit in your name using your address and Social Security number, the bank won't be able to access your credit report. (However, a credit freeze won't prevent a thief from making changes to your existing accounts.) Ron Lieber of the New York Times wrote on September 12 that initially, consumers who tried to set up credit freezes with Equifax discovered they had to pay for it, but after a public thrashing Equifax announced that it would waive all fees for the next 30 days (starting September 12) for consumers who want to freeze their Equifax credit files. Before freezing your credit reports, though, it's wise to check them first.
  
  Also keep in mind that if you want to apply for credit with a new financial institution in the future, or you are opening a new bank account, applying for a job, renting an apartment, or buying insurance, you will need to unlock or "thaw" the credit freeze.
  
  
• Credit reports: You can obtain a free copy of your credit report from each of the major credit agencies once every 12 months by requesting the reports at annualcreditreport.com or by calling toll-free 877-322-8228. Because the Equifax breach could have long-term consequences, it's a good idea to start checking your report as part of your regular financial routine for the next few years.
  
  
• Bank and credit card statements: Review your financial statements regularly and look for any transaction that seems amiss. Take advantage of any alert features so that you are notified when suspicious activity is detected. Your vigilance is an essential tool in fighting identity theft.
   

4. How can I get more information from Equifax?

Consumers with additional questions for Equifax can call the company's dedicated call center at 866-447-7559. The call center is open seven days a week from 7 a.m. to 1 a.m. Eastern time. Equifax told the New York Times it is experiencing high call volumes but is working diligently to respond to all consumers.

If you have questions about the Equifax data breach, cyber security, tax return fraud, or would like to learn ways in which you can reduce your risk, contact us by phone at 216.831.0733 or email at info@zinnerco.com. We are happy to help and ready to start the conversation.