By Brian McGinley

Data breaches are an everyday occurrence affecting millions of Americans each year.

Just ask crafters who shop at , Sony PlayStation Network gamers and investors at Morgan Stanley Smith Barney.

They’re all vulnerable to identity theft and other fraud because their personally identifiable information (PII), such as a birth date or Social Security number, for example, was exposed. That information could be used to commit financial fraud.

What should you do if this happens to you? The first step is to call your insurance company or bank to see if you qualify for . We’ll help you assess your risk and, if warranted, take steps to make you less vulnerable.

For folks who are monitoring their accounts on their own, follow these 6 steps:

  1. Review the breached account. Identify what information it contained and what was compromised. Look for unauthorized activity, such as a change in address or telephone number.
  2. Change all user access credentials. If you use the same passwords for other financial institutions, change them. Watch financial statements—on paper and online—for unauthorized transactions. Be aware of potential email, phone and snail mail scams. Enable text and email alerts when possible.
  3. Notify existing creditors of the breach. Consider cancelling your cards and getting new ones. Take advantage of issuers’ services that alert you to unusual transactions.
  4. Place a fraud alert on your credit file. An alert placed with any one of the three major credit bureaus signals to potential creditors that you could be a victim of identity theft.
    • Initial Fraud Alerts last for 90 days and require potential creditors to confirm the legitimacy of your identity before granting credit.
    • Extended Fraud Alerts last for seven years. Victims of identity theft who provide credit bureaus with an identity theft report like are eligible.
  5. Review your credit reports for any unusual activity. Visit , the government-mandated source for free annual credit reports. Investigate suspicious activity and stay on top of it until the matter is resolved. Also, look for signs of fraud in your medical files, on your Social Security statement, in insurance claims, or in public records.
  6. Consider placing a security freeze on your credit report. This may be necessary if you’re experiencing fraud as a result of the data breach. A freeze locks access to your credit, so no one will be able to open a new account in your name. To determine whether a freeze is right for you, read more .

Check out our earlier article for more information on what to do when your PII is compromised in a data breach.

Brian McGinley, Senior Vice President of Data Risk Management,
With more than 30 years of experience in risk management, security, loss management and compliance within financial institutions, Brian has held senior positions at Wachovia Corp. and Citigroup. He served as board chairman of the Financial Services Roundtable/BITS Identity Theft Assistance Center.

Leave a Reply