MENU
component-ddb-728x90-v1-01-desktop

Equifax breach bigger than first thought

Credit bureau says private security firm investigating breach uncovered 2.5 million more potential victims.

The private security firm Mandiant, hired to investigate the massive Equifax data breach, says hackers may have stolen the personal information of 2.5 million more people than Equifax first announced. That brings the total to 145.5 million American consumers likely at risk.

The news comes as the company's former CEO Richard Smith prepares to testify before Congress on Tuesday. Smith resigned last week amid the backlash against the company and its response to the breach.

Equifax recently announced plans to offer a new service giving consumers the ability to lock and unlock access to their credit data for free, for life. The company promises to roll out that new program by Jan. 31.

But a recent poll suggests many Americans have yet to take action, possibly as the result of repeated problems with the Equifax Data breach website set up to answer consumer questions and facilitate the verification of consumer vulnerability.

The poll, by student loan marketer lendedu.com, shows nearly 85 percent of Americans have heard about the Equifax breach, but more than 55 percent have still not checked to see if their information was hacked.

Financial experts at Consumer Reports meantime urge consumers to consider the two most recommended courses of action: a Fraud alert and or a Credit Freeze.

The simplest move is to put a fraud alert in place, warning prospective lenders that your information has been compromised. A fraud alert requires a lender to take reasonable, extra steps, to confirm that the person trying to open a new credit account, is in fact you.

Activating a standard fraud alert is free, just contact any one of the three big credit bureaus: Equifax, Experian or TransUnion, who then notify the other two. Typically, a fraud alert lasts 90 days. Which means you have to re-up every three months.

A stronger option is a credit freeze which you need to request from each of the three major credit bureaus. It may involve a fee, but once in place, a freeze is the single, most effective way to protect against credit fraud.

Most creditors need to see your credit report before they issue you new credit. But if you have a freeze on your account, they can’t pull your file and may not extend you credit, which should stop fraudsters.

The downside, is a freeze can also shut out companies you want to do business with. So, if you’re in the market for a car or a home loan or even a new cell plan, take care of it before you institute the freeze or you may get hit with extra fees to lift the freeze and re-instate it.

If can prove you’re already a victim of I-D theft, a seven-year, extended fraud alert is also available.

On Oct. 3, former Equifax CEO Richard Smith is expected to tell congress that Equifax was warned by the Department of Homeland Security in early March about the need for a security patch in its software. Smith admits the patch was not made.

Smith says Equifax's system was likely hacked from May 13 through July 31. The company didn't tell the public about the intrusion until Sept. 1.


Trending