Have you been hacked?
Uncertainty swirls as Oklahomans struggle to discover if they are affected by the Equifax breach.
I received a letter from Equifax Friday, informing me that I’m among the 2.5 million “additional potentially impacted” U.S. consumers whose name, address, Social Security number and driver’s license number were “potentially exposed” when cyber criminals hacked its website this past summer.
Argh. I thought I’d dodged that bullet.
Equifax credit reporting agency announced on Sept. 7 that some 143 million U.S. consumers, including at least 209,000 with compromised credit card information, are impacted. In late September, I visited the company’s website — www.equifaxsecurity2017.com — clicked on the “Am I impacted?” button at the lower left of its home page, and was told my information wasn’t impacted.
Still, just for precaution, I placed a free, 90-day fraud alert with Equifax at 888-7660008. A recording told me they’d alert the other two credit reporting agencies — Experian 888-3973742 and TransUnion 800-680-7289 — so I didn't have to call them.
Friday, I returned to the Equifax website to click on the “Enroll to Protect and Monitor Credit — Free” button at the lower right of its home page, and this reply popped up: “Based on the information provided, we believe that your personal information was NOT impacted by this incident.”
Huh? They’d just mailed me a letter stating otherwise.
I went ahead and enrolled in the free 12 months of credit monitoring. To verify my identity, they asked me to answer questions pertaining to information in my credit file, such as a former street residence or name of a lender on a car or mortgage loan. They sent me an activation email to confirm my identity further and complete my enrollment.
I’d recommend all readers, impacted or not, sign up for the free TrustedID monitoring program. What can it hurt?
I say that, but after my last column on the Equifax breach published early this month, several readers emailed me — questioning the validity of the website and more.
When the site asked for the last six numbers of his Social Security number, Chuck Ashcraft, of Weatherford, exited out. “Most places only want the last four numbers,” he said.
Daniel R. Hawbaker, of Edmond, checked with Equifax as soon as he heard about the breach and was told he could’ve been impacted.
“I was emailed to log on Sept. 17, which I did and they asked for my password.
I replied that I had never had a password,” Hawbaker said.
There was no reply, so he called twice afterward, Hawbaker said. After two and half hours on hold on the first call, he was told he’d soon receive a text, but didn’t. He called a second time and — after three hours on hold — the battery on his cordless home phone died.
Hawbaker since reached Equifax by email, was given a case number to use as a reference, and told he’d receive an email with a password. A week later, he was still waiting, he said. Meanwhile, he placed freezes on his credit with Experian and TransUnion within a week of the Equifax breach announcement.
Until you lift it, a freeze requires more layers and third-party verification to open financial accounts or make transactions, preventing fraudsters from using your personal identifying information to open cellphone accounts and more. The credit reporting agencies each charge Oklahomans $10 to place a freeze, but a friend said Equifax rescinded the $10 charge to his credit card, “likely covering their butt,” he said.
Though reader Vicky Morris and her husband have security monitoring through their USAA bank, they went ahead and placed credit freezes with all three agencies, she said. Morris said she doesn’t trust the Equifax site.
“I jumped through all their ridiculous hoops, after being initially informed our credit might have been breached, only to be told at the end of a bunch of information given that they were unable to help,” she said.
After learning that his information had been taken, my Midwest City High School classmate David Woodard not only placed freezes, but also got new credit cards. He’s not taking any chances.
At the very least, all of us should eyeball all of our account statements and report any unauthorized charges to our credit card companies and financial institutions. For example, on a credit card statement I received Saturday, I noticed a “suspicious” $1.09 charge at McDonald’s.
I texted my 16-yearold daughter and she explained that she and her boyfriend inadvertently used my credit card, versus her debit card, to get fries. Sigh.