Last Updated Jun 9, 2011 3:12 PM EDT
As the world becomes increasingly electronic, the exposure of your personal data becomes ever more likely. In fact, in the past year and a half alone, reported security break-downs at credit card companies, doctors' offices and retailers have put more than 34 million individuals at risk, according to the Privacy Rights Clearing House. Since 2005, some 533 million personal records have been exposed -- enough to expose every adult American to identity theft twice.
If your personal information has been exposed, you need to act quickly to protect both your money and your credit. Here are the six things you need to do.
Determine the type of breach: Find out exactly what data was exposed -- was it credit card numbers; Social Security numbers; passwords; email addresses? Each answer suggests a different course of action.
Establish a fraud alert: If your Social Security number was stolen, you need to immediately call the three major credit reporting bureaus and place a fraud alert on your file. (If you don't think you'll want to apply for credit in the near future, you might even place a "freeze" on your file, which precludes the possibility of anyone opening credit in your name.) The fraud alert requires that you be contacted before any company provides new credit on your account. (It's wise to put your cell number as the contact, just in case you want to get instant credit at a retailer while the fraud alert is in effect.) The numbers to call to establish a fraud alert:
- Equifax: 888-766-0008
- Experian: 888-397-3742
- TransUnion: 800-680-7289
If your credit card doubles as a debit card, be even more diligent with your bank account, checking it daily to make sure it's not drained before you get a statement. Your liability for fraudulent charges is limited with both credit and debit cards. But it can take time to get a bank to restore funds in your bank account, and that can cause real problems for you in the interim. (See the Dangers of Using a Debit Card.) So watch carefully and act promptly.
Beware "spear" phishing: The Citi crooks got names and email addresses, so victims can expect sophisticated phishing attacks, that use your name, your credit card number and your email in an effort to get you to expose more personal information. Do not reply to any email requesting "verification" of your account. If you think the bank is legitimately contacting you, contact them directly from the contact information on the back of your card. DO NOT CLICK THROUGH AN UNSOLICITED EMAIL. You may know not to fill in personal data when you've been directed to a site from an unsolicited email, but you may not realize that by simply visiting some sites, you'll open your computer to having malware installed on your machine that can collect and store your passwords and account numbers.
Get your credit report: You have the right to one copy of your credit report each year from each of the three major credit bureaus. That means you can get a credit report every four months, if you want to.
If you've never been a victim of a security breach, getting a report once annually is plenty. But if you're at risk, put it on your calendar to request these reports once every four months. Get the free report at annualcreditreport.com. To get them every four months, you'll need to pay attention to which company provided the previous reports, requesting first from, say, Equifax, and then moving through to Experian and TransUnion over the course of the year.
Review and correct: Innocuous inaccurate information--things like the wrong credit limit, or a closed account showing as open -- isn't necessarily a warning sign, but it still should be corrected. Write the correction in the margin and send it back with a note saying you'd like a new report as soon as the item has been fixed.
But if you detect warning signs of identity theft, you'll need to do more. What are the red flags?
- An unfamiliar home address
- credit listed on the report that you've never had
- inaccurate names or permutations of your name
- another Social Security number connected to your account (that does not belong to your spouse).
Kathy Kristof is the author of Investing 101 and a contributing editor at Kiplinger's Personal Finance magazine.
More on MoneyWatch
Best and Worst Airlines for Reward Flights
Best Gas Credit Cards
5 Dangers of Debit Cards
How to Become a Rich Landlord
6 Signs You Should Never be a Landlord
7 Reasons to Buy a Home Now