As you likely know by now, Equifax, one of the three major US credit reporting agencies, recently reported a massive breach of their database, in which roughly 143 million Americans’ personal information was hacked.
It is very likely you were affected, but the question is, do you know if you were? And if so, what do you do now? Here is how you can find out and what you can do to protect yourself.
First, a little background in case you are not familiar with what happened.

Back in July, Equifax discovered that, starting sometime in May, cyber-criminals had exploited a vulnerability in a website application. Although they took immediate action to stop the attack, hackers had already likely made off with millions of consumers' names, social security numbers, birth dates, addresses, not to mention credit card numbers and other documents containing sensitive personal information. The attack affected individuals in the USA, Canada and the UK.
Equifax, to its credit, launched an investigation and began working with law enforcement to determine the source of the breach and its breadth. Equifax also began offering a free year of identity theft protection and credit file monitoring to all U.S. consumers.
To determine if your personal data has been exposed, here is what you do. First, go to Equifax's website and click on the tab "Potential Impact". There you can find out if your personal information was compromised. The site also lets you sign up for the free data protection and credit monitoring services Equifax is offering, which is actually available to you whether or not you were affected by the attack.
Here is an important tip to know before you do this. Because you will be entering personal information at this link, you should consider accessing the site from a secure computer on an encrypted network connection.
After you request the free service, the site will give you an enrollment date. Write that date down because you will need to come back to the site on that date to actually enroll. It is important to know that you have until November 21, 2017 to sign up for the free services. Also, Equifax plans to send direct mail notices to consumers whose credit card numbers or dispute documents were accessed.
There are other actions that you can take to protect yourself as well. For instance, if you suspect your information is being used nefariously, you should call any company or institution involved and ask for the fraud department. Explain your suspicions and get them involved. Further, change log-in information, passwords and PINs.
You should also consider freezing your credit. What exactly does that mean?
Well, freezing your credit makes it harder for someone who has your information to open new accounts, take out loans, etc. in your name. You do this by contacting the three main credit reporting agencies, Equifax, Experian and TransUnion, and asking them to do so. They will give you a PIN that you will need to keep and safeguard. You will have to provide this PIN to any future legitimate creditor in order for them to check your credit rating.
There may be a charge for the credit freezing service, and it is important to know that freezing your credit will not keep a cybercriminal from charging things to any existing accounts you have.
Another action you can take is to place a fraud alert to warn creditors that you may be a victim of identity theft. Fraud alerts are free from the credit reporting agencies listed above and last for 90 days. After that, you can renew a fraud alert as deemed necessary.
Also, be sure you obtain the free annual credit reports available to you from the three agencies mentioned above. Identity theft usually results in accounts or activity that you will not recognize. Consider staggering those requests throughout the year, for example, requesting one from a different agency once per quarter.
For ongoing protection, some consumers are turning to services such as LegalShield and LifeLock, to name two of the many out there. Be sure to research carefully the specific coverages, guarantees and fees before subscribing, as they can be quite different.
Remember, loss from identity theft can happen long after your information has been compromised, so do not be lulled into a false sense of security after taking initial action. You must continue to be on guard, and continuous credit monitoring is essential. Watch those credit card and bank accounts closely for activity that looks suspicious, and report any such activity as soon as you notice it.
Lane Keeter, CPA is Office Managing Partner of the Heber Springs Office of EGP, PLLC, CPAs & Consultants