In the past few months, I have been hit several times by scammers. Someone hacked my online Target account and ordered an expensive camera that I had to return. In a matter of seconds, crooks spent $200 on my credit card before I could freeze it. I also had to cancel a premium delivery service offered by UPS that an identity thief had signed up for in my name with the intention, I assume, of rerouting fraudulently purchased items.
I now have so many alerts set up on my various financial accounts that the notifications beeping all day make me feel like I’m in a cartoon episode of Wile E. Coyote and the Road Runner. I don’t dare turn off my smartphone for fear of missing a beep that signals another attempt to compromise an account.
Then there are the constant telephone calls from con artists with just enough of my personal information to make their schemes to steal my money seem believable. I can’t answer the phone anymore without first checking the caller ID, and even then it’s possible that scammers have spoofed the telephone number from a legitimate government agency or business that I have a relationship with.
Criminals often gain access to our personal information because companies fail to protect their databases.
When there’s a major breach, consumers usually get a year’s worth of free credit monitoring. It’s something, but it’s not sufficient to fix the issue, because the notices you get as part of a monitoring service are after the fact — that is, after something suspicious or fraudulent may have occurred.
At least some of the redresses are getting better even if they still fall short of complete protection. Last week, the Federal Trade Commission announced a deal with Equifax following an epic breach that affected about 147 million people.
The FTC alleged that Equifax didn’t make a patch in its network in 2017 after being alerted to the security vulnerability. As a result, people’s names, Social Security numbers, birth dates, mailing addresses and, in some instances, driver’s license numbers were exposed, putting people at risk of identity theft.
Without admitting guilt, Equifax has agreed to pay at least $575 million, with the total possibly reaching $700 million. The concessions in this settlement are better than usual, but still not enough.
Here’s what’s been offered and what I think consumers should have received.
Good: Equifax has agreed to provide adult consumers with at least four years of credit monitoring at all three major credit bureaus. Consumers get an additional six years of free credit monitoring but only of their Equifax credit report. In lieu of the credit monitoring, consumers can opt for a cash payment of $125. People who were minors in May 2017 are eligible for 18 years of free credit monitoring. Minors will also get at least four years of three-bureau credit monitoring. The remainder will be the one-bureau (Equifax) monitoring.
Better: The additional six years should cover credit monitoring of all three major bureaus — Equifax, Experian and TransUnion. And why not provide the full 10 years of monitoring all at once? The data that was stolen in this breach is permanently out there for criminals to exploit.
Good: Equifax has agreed to pay U.S. consumers $25 an hour up to a maximum of 20 hours if they’ve had to deal with identity theft. For 10 hours or less, you simply need to describe your actions and time spent. For claims of more than 10 hours, you’ll have to show more proof.
The company will offer up to $20,000 for documented losses and expenses directly related to identity theft. Additionally, consumers who purchased Equifax credit monitoring or identity-protection products between Sept. 7, 2016, and Sept. 7, 2017, are entitled to a refund of up to 25% of the total paid.
Better: People who purchased identity-theft credit monitoring from Equifax in the year before the breach should have received a full refund.
Good: Consumers are eligible for at least seven years of free assisted identity-restoration services to help them deal with issues related to identity theft and fraud.
Better: Set up a dedicated customer-service line to walk people through freezing their credit files. All consumers are now able to place and remove a “security freeze” on their credit files for free. It’s far better than credit monitoring. With a freeze in place, potential lenders can’t see your files. This can better thwart identity thieves from using your financial information to open credit cards or take out loans in your name.
For now, take advantage of every single thing you’re entitled to in the settlement, which still has to be approved by a court. Go to equifaxbreachsettlement.com to file a claim. For more information, call 833-759-2982.
This is our life now: Endless efforts to avoid being victimized because our personal data has been stolen. So any settlements reached ought to go as far as possible to ease our burden.
— Washington Post Writers Group