For anyone trying to keep their personal information secure, recent headlines have been a grim kick in the pants. The harshest came last month when the National Public Data breach was disclosed—the source of a purported 2.9 billion records spilling onto the dark web. But it wasn’t the only prominent data leak. In early September, Medicare contacted almost one million beneficiaries about a loss of personal identifiable information related to a vulnerability in third-party software.
In other words, your social security number—central to filing taxes, applying and maintaining credit, and receiving certain US government benefits—is very likely available to hackers and would-be criminals for exploit. And if it isn’t yet, the unfortunate reality is that another data breach will inevitably change that.
You don’t have to wait for trouble to find you, however. You can take several steps to minimize the possibility of identity theft or fraud in your name, since other details like your full name, birthdate, and residence are also likely loose in the wild. Here’s what to do.
Further reading: Data breaches are everywhere—but you still need to pay attention to them
1. Check to see what details have leaked
PCWorld
PCWorld
<div class="scrim" style="background-color: #fff" aria-hidden="true"></div>
</div></figure><p class="imageCredit">PCWorld</p></div>This step isn’t strictly necessary since you can take precautionary measures whether or not you’ve been caught in a major data breach. But confirming if your info was leaked can be helpful—like when convincing yourself or loved ones to take action.
Generally you shouldn’t volunteer your personal details to websites claiming to check if you were caught in a data breach, especially if you don’t know who runs them. But several have been vetted, with a couple dedicated specifically to the National Public Data breach—and don’t require sensitive info for verification.
- NPD Breach Check (npd.pentester.com)
- National Public Data Breach Check & Search (npdbreach.com)
For more details on these two NPD-specific sites, my former colleague Michael Kan dives into who runs them (one a cybersecurity firm, the other a data removal company). The NPD Breach Check site returns multiple listings linked to full name, state, and birth year you input, while the National Public Data Breach Check & Search site returns more granular results based on full name + zip code, social security number, or phone number.
If you’re still wary of these sites or want broader, more long-term monitoring, you can also get notifications through Google’s Dark Web Report service and some paid antivirus subscriptions. Have I Been Pwned is also an excellent resource for data breach notifications, though your email address must be part of the lost data for it to work.
2. Freeze your credit reports
PCWorld
<div class="lightbox-image-container foundry-lightbox"><div class="extendedBlock-wrapper block-coreImage undefined"><figure class="wp-block-image size-large enlarged-image"><img data-wp-bind--src="selectors.core.image.enlargedImgSrc" data-wp-style--object-fit="selectors.core.image.lightboxObjectFit" alt="Experian Security Freeze site" class="wp-image-2461589" width="1200" height="675" loading="lazy" /></figure><p class="imageCredit">PCWorld</p></div> </div></figure><p class="imageCredit">PCWorld</p></div>Freezing your credit costs nothing and keeps fraudsters from opening credit cards and loans in your name—a smart move when your full name, date of birth, and social security number are floating around on the internet.
You must perform the security freeze with each credit bureau. In the US, the three major ones are Equifax, Experian, and TransUnion. For thoroughness, you can also freeze your report with Innovis, a smaller fourth credit bureau.
Once frozen, your credit reports become only available to you. If you need to allow a third-party credit check, like when renting a new apartment or opening a new line of credit, you can temporarily lift the freeze through the Equifax, Experian, and TransUnion websites or through their phone lines. You’ll need the PIN issued to you in order to request the temporary lift.
3. Check your credit reports
PCWorld
<div class="lightbox-image-container foundry-lightbox"><div class="extendedBlock-wrapper block-coreImage undefined"><figure class="wp-block-image size-large enlarged-image"><img data-wp-bind--src="selectors.core.image.enlargedImgSrc" data-wp-style--object-fit="selectors.core.image.lightboxObjectFit" alt="AnnualCreditReport.com" class="wp-image-2461594" width="1200" height="675" loading="lazy" /></figure><p class="imageCredit">PCWorld</p></div> </div></figure><p class="imageCredit">PCWorld</p></div>While dealing with your credit reports, you should also have a look at them for any fraudulent activity. You can do so weekly through the official website (AnnualCreditReport.com) or request paper copies once per year through the phone or by mail.
If you spot inaccurate details, you can dispute them—and if you think you see signs of identity theft, you can report it and begin remediation.
4. Request an IRS Identity Protection PIN
Autentifică-te pentru a adăuga comentarii
Alte posturi din acest grup
A lot of gamers go to great lengths to find a portable retro gaming d
There’s a common misconception about PCIe 5.0 SSDs that since they’re
Microsoft’s controversial Windows Recall has now been generally relea
