Equifax breach creates lifelong identity theft threat
Consumers need to be ‘hyper-vigilant,’ analyst says
When a credit card gets stolen, it’s easy for the victim of the crime to shut down the card, get a new account number and avoid monetary loss.
But financial peril rises and can persist for years when personal data likely to stay the same forever get stolen like it did in the cyberattack on credit-reporting service Equifax.
Once hackers gain access to these key pieces of personal data it is at the cyber thieves’ disposal forever to cause harm.
“It’s very problematic for hackers to have all that important information all in one place,” said John Ulzheimer, a credit expert who once worked for Equifax and credit-score firm FICO. “This information is perpetually valuable. You are not going to change your name or date of birth or Social Security number. In five years they will be the same, unlike a credit card that takes five minutes to cancel over the phone.”
An estimated 143 million Americans had their personal data stolen in the Equifax cyber heist, according to the company.
The bad news is “this data will be used for years,” says Avivah Litan, a security analyst at Gartner. “So, as a consumer, you need to be hyper-vigilant.”
Instead of looking at your bank and investment statements monthly, for example, review them weekly, Litan advises. And report any fraudulent activity immediately.
Creating a new you
Armed with your digital history, hackers can file tax returns using your name and Social Security number to claim a refund. Or file fraudulent medical expense claims. Or attempt to open credit cards, rent an apartment, apply for electric service or get a loan and buy a house in your name without you knowing.
“These types of things can bleed over into your life,” Ulzheimer said. That’s why he advises people to check their credit reports on a “monthly basis,” just like balancing a checkbook.
And while worries about a damaged credit score, hijacked credit cards or thieves opening fraudulent accounts are among the first things victims think of after a data breach becomes public, there are other damaging uses of personal data they might not be aware of. These are “far more challenging for consumers to detect and more costly and difficult to repair,” warned Steven Bearak, CEO of IdentityForce, a Framingham, Mass., firm that offers identity, privacy and credit protection.
Some examples of noncredit-related illegal uses of victims’ personal data, Bearak says, include: » Medical ID theft. » Tax fraud. » Synthetic ID theft. “That one is really hard to detect,” Bearak said. “And the new ID impacts many people.”
Another risk is bad guys stealing your data and identity could get arrested, putting unsavory arrests, such as armed robbery or sexual assault, on your personal record.