Posts

What It Is

Scammers are looking to cash in on the buzz surrounding the Equifax data breach, specifically the ability for consumers to check their data and file a claim if they were affected.

Who It Is Targeting

Any consumers who may have had their information stolen in the Equifax breach could be at risk of an Equifax settlement scam, but scammers may also seek out people who were not affected in order to sell them protection products.

What You Need To Know

Equifax is one of the three major credit reporting agencies, and they were breached in 2018. More than 147 million consumers had their complete identities stolen by hackers. Now, Equifax has launched its settlement website where you can find out if your information was stolen, file a claim for compensation and apply for credit monitoring. Equifax settlement scammers are capitalizing on the buzz surrounding this new website and have already targeted victims.

What You Should Do About It

  • Make sure you are only using legitimate websites for this process, namely the FTC’s site and EquifaxBreachSettlement.com.
  • You do not have to pay anything to file a claim, look into your data, receive credit monitoring services or otherwise participate in this settlement.
  • Never verify your information for someone who contacts you and offers to find out if you have been affected.
  • Never hand over your Social Security number to someone who contacts you in any way.

Read next…

How to File an Equifax Claim for Data Breach Settlement

SCAM: Your Social Security Number Has Been Suspended

New Tool Breach Clarity Helps Consumers Make Sense of Data Breaches

 

Capital One, Who’s in Your Wallet?

Announced Monday, July 29, 2019, a Capital One Data Breach puts 106 million consumers at risk. The credit card company released a statement citing “unauthorized access by an outside individual” that occurred in March of 2019, as the cause of data breach. The breach puts consumers at risk who applied for a credit card with Capital One and their existing customers. The company approximates that 100 million Americans and 6 million Canadians’ information was exposed.

Small businesses and individuals were victims in the Capital One data breach with information disclosed including name, address, date of birth, email address, credit scores, credit limits, payment history, and balances. Roughly 80 thousand linked bank account numbers of credit card customers were also exposed. Capital One reports that no credit card information was compromised. They also say 99 percent of Social Security numbers (Social Insurance numbers for Canadians) were not exposed, although 1 percent of 106 million is still 1.06 million affected consumers between the U.S. and Canada.

Take Action Now

If you are a victim of the Capital One data breach, the company has announced it will “notify you through multiple channels.” Lacking specifics, Identity Theft Resource Center suggests taking a proactive approach if you think you could be a victim of the breach.

Freeze Your Credit

This includes steps like freezing your credit report and checking financial statements. Try logging onto your account to see if there are notifications regarding the breach waiting for you.

Be Aware of Scams

Also, be wary of anyone calling in regards to the breach and asking to collect personal information. Capital One is not notifying victims via phone and asking for Social Security numbers or financial information, if someone contacts you in this regard it is a scam.

Document Your Steps

Also, start documenting your activities utilizing the ITRC’s ID Theft Help App – that way if you need to provide the documentation on what you’ve done in the future, you have recorded the time and effort you’ve spent.

While there is no proof that the compromised information has been used to commit identity theft or fraud, there is no time limit on identity crime. Millions of user information has been exposed, and there is no taking it back from the hacker or the places she chose to distribute it. The victims of the Capital One data breach will be offered credit monitoring and “identity protection” at no-cost, but the company does not offer details on the length or terms of these services.

The credit card company says the data breach was allowed by a configuration vulnerability and they have since fixed the issue. Capital One also worked with the Federal Bureau of Investigation (FBI) and the alleged hacker has been arrested, an unusual event compared to most data breach cases.

Sign Up For Identity Theft and Data Breach News

Sign up for the TMI Weekly to stay in the know about potential threats to your identity/privacy and tips to keep you safe. Our monthly breach alert keeps you posted on the latest trends and activity in the world of breaches.

Free Identity Theft Assistance

Contact the Identity Theft Resource Center for toll-free, no-cost assistance at 888.400.5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.

This news is currently evolving and we will update as announcements are made available.  


You might also like…

How to File an Equifax Claim for Data Breach Settlement

How To: Place a Free Credit Freeze

New Tool Breach Clarity Helps Consumers Make Sense of Data Breaches

 

By Eva Velasquez, CEO & President of Identity Theft Resource Center

The Equifax data breach of 2017, exposed the personal identifying information of over 148 million Americans. One Hundred Forty-Eight Million. To not be affected by, or know someone affected by the breach was nearly impossible. The data exposed was some of the most personal, like Social Security numbers, full credit histories, financial account information and names and addresses. The breach had a strong negative impact and broke consumers’ trust. Equifax – one of the three main credit reporting agencies (CRAs) – was widely regarded as a dependable company and a necessity to work with to be able to secure lines of credit. Americans gave them personal information in exchange for a necessary service, and Equifax failed to protect them.

Now, an Equifax data breach settlement has been reached in the case of the 2017 incident. The credit reporting agency will pay up to $700 million, the largest breach settlement to date. The funds will be split between paying civil penalties and compensating victims. While a large amount of dollars dedicated to Equifax’s efforts to correct their wrongs can be seen as a good thing, the way these dollars will be dispersed among the effected population is relatively unclear.

At least $300 million and up to $425 million of the settlement will go toward victim redress. This includes providing free credit monitoring, reimbursing victims who paid out of pocket to protect or recover their identity and offering identity recovery services. However, the weight will still be placed on the consumers. Victims will have to file a claim, a process that still has not been disclosed, to receive any of the compensation pool. For now, the Federal Trade Commission is recommending that victims save all physical evidence of efforts to secure their identity because of the Equifax data breach and sign up for email updates. Putting the burden of proof on the consumer, not the company responsible for the breach.

Many questions remain: What victims will qualify for reimbursement? How will victims provide accurate evidence of their efforts and misfortunes? Is this fund only for victims who purchased identity theft services? What is the option for victims who did not have the resources then or now to purchase paid services or avail themselves of free services like those Identity Theft Resource Center provides?

Read next: How to File an Equifax Claim for Data Breach Settlement

If all victims filed claims and funds were distributed equally to all 148 million people, each would receive fewer than $3.00 in funds or cost of assistance. This does not accurately reflect the true value of the data that was compromised. Additionally, while the free credit monitoring services offered can span up to 10 years – a large increase from the historical settlement of 1-2 years – identity theft has no expiration date. The threat of identity theft does not decrease as more time passes from the date of the breach. The victims are perhaps more vulnerable as time goes on and they become less diligent in reviewing potentially affected accounts. Personal identifying information can be used to commit identity theft or fraud no matter the date it was exposed. There is no timeline for identity theft, but there is a cap on how many years Equifax will provide free services to victims per the settlement.

The other $275 million of the settlement will be used to pay civil penalties – $175 million to 48 states, Washington D.C. and Puerto Rico and $100 million to the Consumer Financial Protection Bureau. We believe the best use of these dollars would be funding consumer assistance programs within these organizations to continue to help victims of this and other data breaches.

In addition to the monetary payout, the settlement also requires Equifax to comply with more rigorous security standards. While this is not as flashy as a large dollar amount, it is perhaps even more important. It is the industry saying we need to hold our companies more accountable for the privacy of consumers. These standards include regular audits, dedicated staff for security and third-party safeguards. While a step in the right direction, companies must remember the speed of which the industry changes. The best security standards by today’s measures might be the worst a year from now. We must continue to petition businesses to protect consumer privacy and urge consumers to take the necessary precautions to minimize their risk of identity theft and fraud.

If you are a victim of identity theft in need of assistance, you can receive free remediation services from ITRC. Call one of our expert advisors toll-free at 888.400.5530 or LiveChat with us.

If you are a member of the media and would like to contact ITRC regarding the Equifax breach, please email media@idtheftcenter.org.

For on-the-go assistance, check out the free ID Theft Help App from ITRC.


You might also like…

How to File an Equifax Claim for Data Breach Settlement

New Tool Helps Consumers Make Sense of Data Breaches

How To: Place a Free Credit Freeze

In 2017, criminals accessed Equifax’s database of consumers exposing the personal identifying information of over 148 million Americans. Equifax, one of the three main credit reporting agencies (CRAs), noted that Social Security numbers, addresses, birth dates and credit card information were all apart of the information exposed. This data breach created an increased risk of identity theft for millions of Americans. Now over two years after the breach was reported, a settlement has been reached. Details are still emerging but it’s important to understand the basics of what we know today.

The Equifax settlement agreed to pay up to $700 million dollars for harms caused by the data breach – the largest monetary settlement in data breach history. In the settlement, filed on July 22, 2019, Equifax agreed to spend up to $425 million to help the victims of its 2017 data breach. An additional $275 million will be spent to pay civil penalties. Also included in the Equifax settlement is the requirement to update security protocol and increase measures to protect consumer information.

If your information was exposed in the data breach, Equifax should have notified you directly via mail. A part of the settlement, a new breach claim site will also have a tool for consumers to check if their information was exposed. If you were affected by the breach, the Equifax settlement is offering certain benefits to minimize your risk of identity theft.

Settlement Benefits for Victims

First, Equifax will provide a total of up to 10 years in free credit monitoring services. The first 4 years will be provided for all three major CRAs – Equifax, TransUnion and Experian. Then Equifax will provide the services for monitoring their report for an additional 6 years. If you were a victim of the breach and a minor, even more services are available at no cost. If victims choose to opt-out of the free credit monitoring option, they may be eligible for a $125 cash payment.

Second, victims who have already dedicated resources to protecting their identity because of the Equifax breach could be reimbursed up to $20,000. This includes time spent protecting your identity or efforts to recover it. It also includes any money spent like the cost of lawyers or fraudulent financial charges. It’s unclear what the specifics behind how to obtain this reimbursement, but consumers will most likely bear the burden to prove the impact in order to receive compensation.

Finally, if you did fall victim to identity theft because of the breach Equifax is providing free restoration services. These services are offered for up to seven years and can be used if someone steals your identity or if you are a victim of fraud. Again, it’s unclear how consumers will have to prove that they were directly victimized as a result of the breach, but as details emerge we will share information.

As of July 24, 2019, the settlement administrator is now accepting claims. The deadline to file a claim is January 22, 2020. Find the full details here: https://www.equifaxbreachsettlement.com/

Read our guide on How to File an Equifax Claim for Data Breach Settlement

Beyond the financial impacts of the breach, nearly 90 percent of respondents said they experienced adverse feelings or emotions within one year of the initial event as reported in The Aftermath: Equifax One Year Later study by Identity Theft Resource Center.

Stay Updated with Alerts

The Federal Trade Commission (FTC) says the settlement is still in process and claims can be made after court approval. The FTC is regularly updating information as it becomes available at ftc.gov/Equifax.

Steps to Reduce Your Risk

Being a victim of the data breach does not automatically make you a victim of identity theft; however, it does greatly increase your risk. There are some steps ITRC recommends that can reduce your risk of identity theft. You can also call to speak with one of our expert advisors at no-cost at 888.400.5530 or livechat to learn more about your risk and preventative measures.

Contact the Identity Theft Resource Center for toll-free, no-cost assistance at 888.400.5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.


You might also like…

How to File an Equifax Claim for Data Breach Settlement

How To: Place a Free Credit Freeze

New Tool Breach Clarity Helps Consumers Make Sense of Data Breaches