How to Protect Yourself After a Bank Data Breach
In recent years, data breaches across various retailers, credit bureau Equifax, and the most recent, the Capital One data breach, have made data breaches seemingly inescapable. Since consumers rely heavily on the security measures these companies use, there’s not much you can do to prevent a data breach.
This can be especially troubling if the financial institutions that you bank with fall victim to a breach. If you believe your personal information was stolen during a bank data breach, there are a few steps you can take to protect yourself.
1. Request a credit freeze
Reach out to the three credit bureaus to request a temporary credit freeze. A credit freeze restricts access to your credit file so that no new credit accounts can be opened under your name unless you lift, or “thaw” the freeze. This is particularly useful if you believe you’re a victim of identity theft as a result of a past retail or bank data breach. For example, if you’ve received bills from services or companies that you don’t have an account with.
Companies you have active accounts or relationships with can still access your file, along with other agencies, like government, debt collection, and child support. Requesting a credit freeze can be done online or over the phone. Here’s how to initiate a credit freeze.
Equifax: Visit the Experian Security Freeze page.
Experian: Go through the Experian Freeze Center or call 1-888-EXPERIAN.
TransUnion: Visit the TransUnion Credit Freeze page.
Freeing your credit temporarily is completely free, but be aware that this might impede legitimate access to credit. For example, if you need to take out a mortgage or need to refinance your student loans, a credit freeze will need to be lifted beforehand.
You can easily request a credit freeze lift through the same way you initiated it, and the lift is generally active within one hour.
2. Set up a fraud alert
If you’re not quite ready to freeze your credit, the next best step is activating fraud alerts through each credit bureau. Fraud alerts are a signal to creditors that you might be a victim of identity theft due to a data breach; it’s also commonly used by active-duty military service members.
This alert prompts creditors to perform extra identification steps before opening a credit account under your name. If you’d like to request fraud alerts on your credit report, reach out to:
Equifax: Visit the Experian Security Freeze page.
Experian: Go through the Experian Freeze Center or call 1-888-EXPERIAN.
TransUnion: Visit the TransUnion Credit Freeze page.
There are three types of credit alerts: a one-year initial alert, a seven-year extended fraud alert, and an active duty fraud alert. Like a credit freeze, fraud alerts are free.
3. Change your bank passwords
Do a sweep of all your passwords, especially ones that may have been compromised in a bank data breach. It’s a common, but an unwise, habit to create similarly worded or phrased passwords across multiple accounts. After a data breach, however, criminals may use your personal information to access other financial accounts.
Choose passwords that are at least eight characters long, with a mix of numerals, letters, and punctuation, if possible. Some device operating systems, like Apple iOS, make this easier with its built-in feature. The password generator creates a strong, complex password for you whenever you create a new online account.
4. Sign-up for credit monitoring
Although you should also routinely review your credit report, accessing a free report through AnnualCreditReport.com is limited to one report per year from each bureau. After a bank data breach, there’s no saying when your stolen data might be used — it could be soon after the breach or months later.
If you’ve already ordered your free credit report recently and don’t want to pay for a report each month, credit monitoring can help. This type of service tracks the activity on your credit file, such as hard inquiries and new accounts which helps you spot suspicious activity early.
Many credit monitoring services charge a fee, but some, like Credit Karma, are free. Keep in mind, however, that Credit Karma only monitors activity on your TransUnion and Equifax credit reports. Experian offers its own credit monitoring service that’s free for the first 30 days and $19.99 per month, thereafter.
5. Monitor all of your accounts
After you’ve taken the above steps after a bank data breach, the next most effective step is to diligently monitor each of your financial accounts (e.g. checking accounts, savings accounts, credit card accounts, etc.)
You can set up your own activity alerts through your financial institutions. A helpful trick is setting your notification threshold to $0. This way, even if an unauthorized charge of one dollar goes through, you’ll receive an email or text notification, and know to contact your bank or card issuer immediately.
When you receive your monthly statement, it’s also a good idea to review everything on the account to make sure it’s accurate. These details include account transactions, balance due, and your personal information.
It’s challenging to avoid a bank data breach altogether, but know that there is recourse if your data gets entangled in a breach.