While the Equifax security breach only recently became public knowledge on 8th September, in many ways, it was a lifetime ago.
We were already on high alert for instances of identity theft. But the source, scope, and what seems like a justified feeling of betrayal associated with this particular breach have ushered in a new era of cybersecurity. 15.2m UK records were reportedly hacked. There was before the Equifax breach; now there’s after.
What does “after” look like, and how can we help you navigate it? You’ve no doubt noticed a barrage of articles covering what has happened and what others suggest you should do about it. Unfortunately, there is no one-size-fits-all regimen, but here are some of the most frequently cited actions I’ve seen, along with my commentary on them:
Check your credit report
Keeping an eye on your credit report has long been a best practice, and should continue to be, today more than ever. Check out the Government site for which providers to use.
Consider placing a fraud alert or a freeze on your credit
Deciding which (if either) of these actions makes sense for you depends on your personal circumstances. For example, if you’re frequently applying for credit, placing a freeze may be impractical. On the other hand, if you have been a victim of identity theft, an alert might not suffice. In this instance, it’s worth reading through the advantages and disadvantages before determining your next steps – this article is a good place to start.
Consider enrolling in a credit monitoring service
Equifax has offered to provide a year of free credit monitoring and identity theft protection via TrustedID Premier. I’ve seen mixed reviews on whether it makes sense to accept Equifax’s offer. First, there’s the whole trust issue raised by the recent breach. Plus, identity thieves have nearly endless patience, so one year of monitoring is only the beginning. That said, other independent services can be costly (especially if you’ve got an entire family to cover), and they may not ultimately offer much that you cannot do on your own if you so choose. It comes down to a cost/benefit analysis unique to you.
Regularly change the passwords and PINs on your financial accounts
Like regularly monitoring your credit reports, periodically changing your financial account login information has been and remains a best practice. Quarterly or at least twice a year makes good sense to me.
File your tax returns as early as you’re able
Filing early minimises the opportunity for an identity thief to file a bogus return on your behalf.
I’ve seen other tips and pointers besides these, some of which may be advisable as well. To avoid informational overload, here are three guiding lights:
- Pace yourself. As with any seemingly insurmountable challenge, it may be best to take things one step at a time, lest you lock up and end up doing nothing at all.
- Patiently prevail. Approach your security as an ongoing process rather than a quick fix. After determining which actions make sense for you, set up a routine and a schedule for implementing them. Write down your plans, and then follow them.
- Partner with us. We won’t go into sensitive specifics here but, as financial advisers, we have long been taking strong measures at our end to protect against hackers and identity thieves. That said, no system is impregnable. The more aggressively we join forces to thwart cybercriminals, the more likely we will ultimately prevail.
As this wise educator observed in reflecting on the Equifax breach, “Security isn’t a product. It’s a process.” Just as sensible investing involves taking appropriate near-term steps in the context of an ongoing, personalised plan, so too do we find it increasingly imperative to respond to this and future cyberattacks with upfront planning, well-reasoned action and continued best practices. Let us know how else we can assist with that!