Capitol One in your wallet?

This is the one thing you should do now to protect yourself.

WASHINGTON — Another day, another major data breach. But there is one thing that you should do now to put up a serious roadblock for identity thieves.

Before I get into this strategy, here’s a recap of the past week.

Capital One Financial Corp. disclosed Monday that a hacker was able to access the personal information — names, addresses, phone numbers, email addresses, dates of birth and self-reported income — of more than 100 million customers in the U.S. and 6 million more in Canada. The breach included information on not just the bank’s current customers but also people who had applied for its credit card products.

Additionally, 140,000 of Capital One’s customers had their Social Security numbers stolen, and about 80,000 bank account numbers linked to Capital One secured credit cards were compromised.

This breach comes within a week of the Equifax multimillion-dollar settlement for failing to protect the personal data of about 140 million of its consumers.

Each breach is a reminder that you need to take various steps to protect yourself. But I’d like to go over some of the recommendations and point out where the action still leaves you exposed to fraud or identity theft.

The action: Sign up for credit monitoring. “We will make free credit monitoring and identity protection available to everyone affected,” Capital One said in a statement.

Why you’re still vulnerable: Credit monitoring is like putting a Band-Aid on a deep cut. It provides some relief, but the protection comes after the injury.

I am guarded by two credit monitoring services, courtesy of two major data breaches that affected my personal data. And yet, I’ve had four incidents of fraud this year alone. Monitoring alerts you to something nefarious only after it’s happened.

The action: Monitor your accounts. Sign up for alerts on all your accounts.

Why you’re still vulnerable: Most recently, thieves were able to make $200 worth of fraudulent purchases on one of my credit cards in just seconds. I had an alert set. But I couldn’t freeze my credit card soon enough. The charges were processed, and I spent a few days dealing with the fallout.

The fraud incident happened a week before my bill was due. I always pay in full. The customer representative told me to just make a payment for what I legitimately owed minus the fraudulent charges. But here was the problem: I would be charged interest on the remaining balance. I was assured the interest charges would be reversed once the fraud investigation was complete.

No, ma’am, I told her. That would mean additional worry and time spent making sure the interest fees were removed. After a few more calls, the charges were removed before my bill due date.

The action: Change your passwords often. It’s a pain but we have to do this.

Why you’re still vulnerable: If the crooks get your email address and other personal information, they could still get around protection protocols. For example, a security question might ask you to verify that you have or had in the past a certain credit account. This is precisely the information stolen in the Capital One breach.

Set up two-factor authentication. Again, this is a vital level of security.

Why you’re still vulnerable: Your credit card account can still be compromised in spite of having it.

There is one step that is notably strong in protecting you against fraud.

“Most of the data that the average consumer thinks is private is in fact not, and is available for free online in various databases or for sale in the underground,” said Brian Krebs, author of the security blog “The only sane response to the fact that the bad guys already have access to all the information they need to hijack your identity is a credit freeze.”

A law enacted last year gives consumers the right to a free credit freeze, also known as a security freeze, at all three major credit bureaus — Equifax, Experian and TransUnion. You can learn how to place a freeze at these bureaus on the Federal Trade Commission’s website: Search for “Credit Freeze FAQs.”

With a freeze, the credit bureaus can’t release any information for new credit accounts without your permission.

But I have to warn you: A credit freeze isn’t foolproof. There are quite a few exceptions as to who can still view your files. For instance, financial companies with whom you currently do business — or to whom you owe money — can still see your files.

“Credit freezes don’t work for noncredit ID theft, such as tax or medical ID theft,” said Chi Chi Wu, staff attorney at National Consumer Law Center.

Even with its limitations, a freeze is a barrier that’s worth putting in place to ice out criminals capitalizing on these data breaches.

— Washington Post Writers Group

More in Herald Business Journal

Debris found in fuel tanks of 70% of inspected 737 Max jets

Boeing said there’s no way to know how many planes have the same problem until they’re all inspected.

Delays in 737 Max certification flights may slow jet’s return

The ungrounding of the Boeing aircraft could be pushed to late June at the earliest, one source said.

Alaska Airlines will buy 200 new jets over the coming decade

The purchase includes many Boeing 737 Maxs, and maybe some Airbus A321 jets.

Wells Fargo to pay $3B to resolve probes into fake accounts

The company’s reputation has never fully recovered from the sales scandal, even four years later.

No flashing lights planned for giant Port of Everett cranes

The Port sought public input on making them blue and adding lights or keeping them as they were.

Community leadership in an election year

Leadership is not a spectator sport, nor is citizenship. Let’s lead the way. Connect. Listen. Act.

Boeing finds debris in wing fuel tanks of several 737 Maxs

The company did not say what the objects were found, but one report said they included tools and rags.

Boeing asks that its big state tax break be suspended

The company hopes the move will resolve a trade dispute involving European rival Airbus.

Charge: Lynnwood tobacco smuggler dodged $1 million in taxes

The man, 57, reportedly dealt in illicit cigarettes. Tax returns claimed he sold hats and T-shirts.

Most Read