A reader isn’t sure what she should do in the wake of the massive Equifax breach that exposed the Social Security numbers and other important information of more than 140 million people.  Click here to read  more about it.

“I’m still confused as to what to do about the Equifax hacking. After checking on the Equifax site to see if my info was taken, and it indicated it might have been, then news reports said even that site had insecurities. Plus I heard if one calls Equifax, plan on not getting through. I really don’t know how to proceed. Any advice is welcome.”

equifax-page-home

I was going to say it’s a confusing issue, but I don’t think confusing is the right word. Disappointment is the word that pops into my mind when it comes to many companies and the government when it comes to protecting your information.

As I mentioned in previous articles, many experts criticized the site Equifax set up to deal with the breach. (Plus, I got a positive result for having my information stolen by putting in the last name of Test and the 123456 as the last six numbers of my Social Security ID.  I’m not discounting the possibility that Ms. or Mr. Test somewhere actually as 123456 as the last six numbers on their Social Security card, but it does make me suspicious.

About all you can do is to monitor your name and Social Security number for suspicious activity.  Equifax is offering a free year of monitoring.  I realize there are issues with trusting a company that just leaked your info to do that. There are companies like LifeLock that also monitor your name and Social Security number for activity. But guess what?  LifeLock was also hacked a few years ago and even got in trouble with the government for not sticking to their promises to put a new security plan in place.

Some type of monitoring like LifeLock or Equifax’s ID monitoring is a good idea, but I can’t promise, especially based on past performance, that these sites are secure. Many banks and credit cards also offer this service. But as we all know, banks and credit cards are sometimes breached.  And the number of times federal, state, and local governments have experienced breaches and leaked private information in the past five years is almost too many to count.

You could put a security freeze on your credit score, which would restrict access to your credit report and make it difficult for ID thefts to open new accounts in your name.  The Federal Trade Commission has a guide to credit freezing that you can check out by clicking here.

Your best bet is a piece of advice that I read a few years ago:  Always assume your account has been hacked and act accordingly.  That means check every bill and every account. Change passwords occasionally and make those passwords as long as you can.

Also, don’t let your concern over this breach make you a prime target for scammers. There has been a rash of scam emails purporting to be from Equifax that ask you to click on links.  The folks at Equifax point out that any email from them will come from addresses ending in equifax.com, @trustedid.com, or e.equifax.com.  But your best bet would be to just go to Equifax’s security site at https://www.equifaxsecurity2017.com/ and proceed from there.

Equifax’s CEO, Richard Smith, retired this week, following the resignation of the company’s head of information technology and chief security officer.

It will be interesting to see what type of action the government takes against Equifax, especially considering how flimsy its security procedures are. But the government loves to sit in a glass house and throw stones.

As I said, all you can do is stay as vigilant as possible. That’s not very comforting, I know. But it’s like living in a very shady neighborhood where theives are always waiting to steal stuff from your porch, break into your house, or boost your car. You just have to make sure the doors and windows are locked and watch your back.