In the wake of the recent Equifax data breach, the Public Law Center (PLC) advises consumers to take precautions to protect their personal information. For approximately three months in 2017, hackers accessed people’s names, Social Security numbers, birth dates and addresses. For some consumers they also took driver license numbers, credit card numbers and disputes with personal identifying information. Because close to half the country is affected, it is unclear whether or not there is an immediate risk. However, when it comes to personal information, consumers can never be too cautious.

Every affected consumer can take certain steps to ensure their personal information is safeguarded to the extent possible. As a preliminary step, all individuals should visit the Equifax website, to determine if their personal information may have been impacted. The majority of people will see a response stating “Based on the information provided, we believe that your personal information may have been impacted by this incident.” Consumers will then see an offer to enroll in Equifax’s “TrustedID Premier.” We at PLC do not believe this is necessary.

We believe consumers should take at least two steps to protect themselves:

First, for the highest level of protection, consumers should request a credit freeze. This should be done with each of the three Credit Reporting Agencies, Equifax, Experian and TransUnion. The downside is that if a consumer is going to apply for new credit, a job, an apartment rental or new insurance, the consumer will need take an extra step and possibly enter a PIN that they chose or were given at the time they requested the freeze. There are fees associated with both the credit freeze and the credit “thaw,” but not more than $10 for each.

Second, consumers could request a fraud alert. Fraud alerts are free, but also require that the consumer contact all three credit reporting agencies, Equifax, Experian and TransUnion. Three types of fraud alerts are available: the consumer can request an initial fraud alert that lasts for 90 days, an extended fraud alert that lasts seven years, or an active duty military fraud alert that lasts a year and is only for those in the military.

The Credit Reporting Agencies and many other companies will promote their “Credit Monitoring” products in the wake of the breach. We at PLC do not believe these products are worthwhile, for a number of reasons: First and foremost, credit monitoring usually costs money (although Equifax is offering free credit monitoring for a year) and only alerts consumers about a problem after the fact. Additionally, clients can essentially provide themselves with credit monitoring by requesting a free credit report from each of the three credit reporting agencies, and stagger the requests, so that a report is requested every four months and reviewed for any fraudulent activity.

Ultimately, like any other data breach, affected consumers should quickly take steps to ensure their personal information is protected. And should a consumer discover that they are the victim of identity theft, there are many resources available, including from the Federal Trade Commission and the Consumer Financial Protection Bureau. PLC provides assistance to consumers facing identity theft, and will work with low-income consumers in Orange County who are facing these challenges. Interested individuals can call (714) 541-1010.

More information available at: (FTC) and (CFPB)