Recommended actions following Equifax breach

September 12, 2017  //  FOUND IN: Updates & Resources

Equifax, one of three nationwide credit-reporting companies, recently announced a data breach affecting as many as 143 million Americans.

According to CNN: "Cyber criminals have accessed sensitive information — including names, social security numbers, birth dates, addresses, and the numbers of some driver's licenses. Additionally, Equifax said that credit card numbers for about 209,000 people were exposed, as was 'personal identifying information' on roughly 182,000 customers involved in credit report disputes."

What you can do

U-M’s Information Assurance recommends that you:

  • Keep clean machines. Prevent infections by updating critical software as soon as patches or new operating system versions are available. This includes mobile and other internet-connected devices.
  • Monitor activity on your financial and credit card accounts. Check your online statements regularly and often. If appropriate, implement a fraud alert or credit freeze with one of the three credit bureaus; this is free and may be included if credit monitoring is provided post breach. For more information, visit the Federal Trade Commission website and
  • When in doubt, delete or ignore. Scammers and others have been known to use data breaches and other incidents to send emails and posts related to the incident to lure people into providing sensitive information. Delete any suspicious emails or posts, and get information only from legitimate sources.

Equifax response

The Information Assurance Office offers the following information, but leaves it to the individual whether they want to follow the steps below. Be aware that by signing up on Equifax’s help site, you risk giving up legal rights to sign up for a class action lawsuit or take individual action.

Equifax has created a website where you can check to see if you are affected. Visit the site, click the “Check Potential Impact” button, and enter your last name and the last six digits of your Social Security number. Your Social Security number is sensitive information, so make sure you’re on a secure computer and an encrypted network connection any time you enter it. The site will tell you if you’ve been affected by this breach.

Next, you will be provided an opportunity to enroll in TrustedID Premier, an identity theft protection service, and provided an enrollment date. Make sure to put this date into your calendar as you will not be reminded of the date.

See the references below for additional information about the breach and dealing with identity theft.