Scam of the day – September 18, 2017 – Update on Equifax class actions

The fallout from the huge data breach at Equifax affecting 143 million Americans continues.  Senators Orrin Hatch and Ron Wyden of the Senate Committee on Finance have sent requests to Equifax for detailed information about the data breach.  In addition, the number of class actions filed against Equifax related to the data breach is now up to twenty three.

Class actions are lawsuits brought by a few individuals on behalf of many others similarly situated.  It is an effective way for consumers to seek redress from companies and the lawyers are paid on a contingency basis so there are no out of pocket expenses to the people who make up the class of harmed individuals.  Once the cases have been certified by the judges hearing the cases as appropriate  for class action status a federal panel will be convened to join the cases into a single lawsuit on behalf of all of the victims.  At that time there will be, most likely, a negotiated settlement, but if one cannot be reached, a trial will occur.   Generally in class actions, class members have the opportunity to either opt in or opt out of the class action, in which case they could bring their own individual lawsuits, although this is rarely productive.

TIPS

I will keep you informed as to the progress of the class actions so that you will be able to make intelligent decisions as to what to do in your own particular case in this matter.

Meanwhile it is imperative, if you have not already done so that you get copies of your credit reports from each of the three major credit reporting agencies and that you freeze your credit at each of the three major credit reporting agencies.

You can get your free copies of your credit reports by using this link.

https://www.annualcreditreport.com/index.action

Here are links to each of the credit reporting agencies for information about how to put a credit freeze on your credit reports: 

Scam of the day – September 10, 2017 – Further important Equifax updates

It is unusual here at Scamicide to discuss the same scam for multiple consecutive days, however, the massive Equifax data breach story is continually evolving, affects you and warrants such coverage.

Under pressure from New York Attorney Eric Schneiderman and others, Equifax has removed the waiver of your rights to participate in a class action from the contract you must agree to in order to obtain free identity protection services from its TrustedID  program.  Therefore it makes sense to sign up for the program, which you can do here.

https://www.equifaxsecurity2017.com/enroll/

While Equifax also represented that you could find out from them whether or not you were specifically involved in the data breach, that representation is not accurate.  Numerous people have used fake names to test the system and in each instance were told that they probably were affected by the data breach.  This is mildly upsetting, but no more than that.  The sheer size of the data breach is so large and the potential harm so great that you should assume that you were affected.

TIPS

The advice as to what to do is still the same.  You should put a credit freeze on your credit reports at all of the three major credit reporting agencies.  Fraud alerts are worthless.  In addition, you should get copies of your credit reports from each of the three major credit reporting agencies to look and see if you have already been a victim because it is important to remember that this data breach has gone on for months.  You have the right to a free copy of your credit report from each of the three credit reporting agencies once each year.  What many of us do is stagger the request among the TransUnion, Equifax and Experian by requesting one every four months.

You can get your free copies of your credit reports by using this link.

https://www.annualcreditreport.com/index.action

Here are links to each of the credit reporting agencies for information about how to put a credit freeze on your credit reports: 

Scam of the day – September 9, 2017 – Important update about the Equifax data breach

The massive data breach that occurred at credit reporting agency Equifax, between last May and July is a story that is continuing to evolve. If you are one of the approximately 143 million people whose personal information was compromised, you face a serious threat of identity theft. Equifax is offering credit monitoring and other services to the victims of the data breach through its identity protection company, Trusted ID, however, if you read the fine print in the agreement you will find that in order to get the free services you must  waive your rights to be a part of any class action against Equifax and must resort to binding arbitration for any claims against Equifax.  New York Attorney General Eric Schneiderman has already indicated that he believes that requiring such a waiver in this instance is illegal and he has demanded Equifax to remove the language from the agreement.  The agreement does also provide that if you notify Equifax within 30 days of accepting the terms that you wish to opt out of arbitration you can do so, but at the moment, your rights against Equifax are far from clear.

TIPS

So what should you be doing?  It will certainly take some intense investigation, but there may well be cause for a class action against Equifax.  However, in the meantime your primary concern should be protecting yourself from identity theft and the first thing you should do is get copies of your credit report from each of the credit reporting agencies and review them to see if there is any evidence of identity theft. Regardless of whether you find any such indications, the next thing you should do is put a credit freeze on your credit reports at each of the three major credit reporting agencies.

You can get your free copies of your credit reports by using this link.

https://www.annualcreditreport.com/index.action

Here are links to each of the credit reporting agencies for information about how to put a credit freeze on your credit reports: 

August 26, 2017 – Steve Weisman’s latest column for the Saturday Evening Post

Here is a link to my latest column which describes how putting a credit freeze on your credit reports can be the best thing you can do to protect yourself from becoming a victim of identity theft.

Con Watch: Credit Freezes: The Best Protection from Identity Theft

Scam of the day – August 11, 2017 – Nationwide insurance settles data breach lawsuit

It appears that the insurance company Nationwide, despite its catchy slogan, may not be on your side.  Nationwide Mutual Insurance Company has just settled a legal complaint brought against it by the attorneys general of 32 states and the District of Columbia related to a 2012 data breach in which sensitive personal information including Social Security numbers of  1.2 million of its customers and even people who merely applied for insurance quotes and did not buy insurance from Nationwide was stolen in a massive hacking and data breach.

Under the terms of the settlement Nationwide will pay 5.5 million dollars to the states’ attorneys general who will use the funds to cover the costs of the investigation and legal action against Nationwide as well as to assist in future consumer protection enforcement cases.

Two class actions by injured consumers regarding the data breach are still pending in the courts.

The key reason for the liability of Nationwide in this case is that the data breach was made possible due to the failure of Nationwide to update their security software with patches that were already available.  Had Nationwide installed the security updates in a timely fashion, the hacking and data breach would have been thwarted.

In addition to the 5.5 million dollar payment, Nationwide is also required under the terms of the settlement to update its security practices, install security updates in a timely manner and take other specified steps to protect consumers’ data.  Nationwide is also required to notify consumers that the company keeps their personal information even if the consumer does not become a customer of Nationwide.

TIPS

You will continue to see legal actions, settlements and court decisions such as this in the future as law enforcement is increasingly holding companies responsible for their faulty security practices.  As New York Attorney General Eric Schneiderman said, “Nationwide demonstrated true carelessness while collecting and retaining information from prospective customers, needlessly exposing their personal data in the process.”

So what does this mean to you and me?

Once again, this shows that regardless of how protective you are of your personal information, you are only as safe as the companies and institutions with the weakest security that have your information. Try as much as you can to limit providing personal information to companies unless there is a real need and inquire as to what the companies do to protect your data.  In addition, as I have advised many times, the best thing you can do to protect yourself from identity theft is to put a credit freeze on your credit reports at the three major credit reporting agencies. You can learn how to do this by going to the “search the website” section of Scamicide and putting in the words “credit freeze.”

 

Scam of the day – November 13, 2016 – Important update for victims of the OPM data breach

I initially reported to you in 2014  that  the federal Office of Personnel Management (OPM) was hacked by Chinese hackers who stole personal information of  what was initially thought to be the personal information of about four million present and former federal employees as well as non-employees whose information was gathered by the OPM during the course of background investigations of federal employees.  At that time, the OPM offered free credit restoration services and credit monitoring to the victims through Winvale/CSID.  Then in 2015,  the OPM discovered a much larger data breach affecting more than twenty-one million people and again offered free credit restoration services and credit monitoring services.   Now the contract of  OPM with Winvale/CSID to supply those free credit restoration and monitoring services will end on December 1st.  If you were affected by the initial breach and had availed yourself of the free services offered by OPM, you will need to re-register with the new company, ID Experts.  You can do so by clicking on this link. https://www.opm.gov/cybersecurity

Victims of the second OPM data breach who applied for free credit restoration and monitoring services were already covered by ID Experts so they need not reapply.

TIPS

If you were a victim of the first  OPM data breach,  you should click on the link above and sign up for the free services.

It is important to remember that no identity theft protection company can prevent you from becoming a victim of identity theft.  The best they can do is notify you earlier that you have become a victim.    In fact, the OPM offered these services a year after the data breach actually occurred so the danger of identity theft is significant.   None of the identity theft protection companies help you with the one best step you can take to protect yourself from identity theft which is to put a credit freeze on your credit report.  With a credit freeze on your credit report, even if someone has your personal information including your Social Security number, they cannot access your credit report for purposes of gaining credit or loans in your name.  You can find information about how to put a credit freeze on your credit reports at each of the three major credit reporting agencies by going to the Archives section of Scamicide and putting in the words “credit freeze.”

Scam of the day – October 2, 2016 – Another state enacts child identity theft law

Ohio became the latest state to enact a law providing for credit freezes for children to protect against child identity theft. Unfortunately, less than half of the states provide this much needed protection of minors from identity theft.  This is important because in recent years, children have been a prime target of identity thieves who, if they are able to get identifying information on a child such as the child’s Social Security number, can open a credit report on behalf of the child and obtain credit in the child’s name.  The identity thief never pays back the money accessed through the child’s credit and the child is burdened with a bad credit report that can have a deleterious effect on the child when he or she applies for credit, applies for a job, applies for a scholarship or applies for an apartment.  Often the identity theft is not discovered until years after it first happens which makes it more difficult to remedy.  A credit freeze is a tremendous tool for fighting identity theft because it prevents an identity thief who even has your Social Security number from accessing your credit report for purposes of establishing credit in your name. Unfortunately, the credit reporting agencies do not generally permit credit freezes for minors except in those states, such as Ohio that have required them to do so by law.

TIPS

If you live in Ohio and have minor children, you should contact each of the three major credit reporting agencies, Equifax, Experian and TransUnion in order to freeze your child’s credit.  If you live in one of the other states that have similar laws, take advantage of the law, set up a credit report for your children and immediately freeze the account. And while you are at it, you should also freeze your own credit reports as your best precaution against identity theft. For information about how to put a credit freeze on your own credit reports go to the Search This Website section of Scamicide at the top of the page and type in “credit freeze.”  If your state does not have such a law, let your state legislators know that you want them to pass such a law.  I am proposing such a law in my own home state.  Parents should, as much as possible, try to limit the places that have their child’s Social Security number and become familiar with the Family Educational Rights Privacy Act which helps you protect the privacy of your child’s school records and lets you opt out of information sharing by the school with third parties.  Finally, the security company AllClear ID (www.allclearid.com) provides a free service called ChildScan which not only searches credit records tied to your child’s Social Security number, but also checks employment records, criminal records and medical records to recognize at an early stage if your child has become a victim of identity theft.

Scam of the day – June 27, 2016 – Why you should have a credit freeze

Regular readers of Scamicide are probably familiar with credit freezes, but it is important to remind everyone about the benefits of this tool that is simply the best thing you can do to protect yourself from identity theft.  A credit freeze is, as the name implies, is a freezing of your credit report at your request whereby no one can have access to your credit report even if they have your Social Security number and other personal information about you.  You control access to the credit report through a special PIN that you choose.   Thus, even if someone was able to steal your Social Security number, they could not parlay that into access to your credit report and use it to purchase things or set up accounts using your name.  If you need to thaw out your credit report at such times as you want to apply for credit in the future, it is an easy procedure to do by using your PIN; then, after your new credit has been established, you can freeze your credit report again.

Here is a link to the National Conference of State Legislature’s webpage that describes the credit freeze laws for each individual state.  Because the laws differ from state to state, you should check on the laws for your own particular state when putting on a credit freeze because the costs differ from state to state.  http://www.ncsl.org/research/financial-services-and-commerce/consumer-report-security-freeze-state-statutes.aspx

The credit reporting bureaus and many of the companies offering identity theft protection services advise people to put a fraud alert on their credit reports at each of the three major credit reporting agencies, Experian, Equifax and TransUnion, if you think you are in danger of identity theft rather than use a credit freeze. With a fraud alert in place, you are supposed to be notified if anyone attempts to open a new account or access credit in your name, which sounds like a good thing and it would be if it weren’t often ignored by businesses opening new accounts or granting credit in your name by identity thieves.

And what is the penalty, you might ask for a company failing to contact you before granting someone credit if you have a fraud alert on your credit report? Zero. Zilch. Nada. There is absolutely no penalty whatsoever if a company chooses to ignore a fraud alert and fails to notify you when someone attempts to open a new account using your name.  So why do credit reporting agencies recommend that people use fraud alerts to protect themselves from identity theft?  The answer is simple. The credit reporting agencies make billions of dollars by selling your information to banks and other companies. With a fraud alert in place, they can continue to sell your information however, if you have a credit freeze in place, they cannot sell your information. With a credit freeze in place, even an identity thief who already has your Social Security number will not be able to access your credit reports to use your credit to make purchases or open accounts in your name.

This is important because before opening new accounts, most companies will do a credit check of the applicant. With a credit freeze in place, a credit check cannot be done and consequently an identity thief will be prevented from opening new accounts

Having your credit frozen will not affect your ability to get your annual free credit reports from each of the three major credit-reporting agencies Equifax, Experian and TransUnion.  It is important to put a credit freeze on your credit report at each of the three major credit reporting agencies.  Here are the links to each of them where you can go to freeze your credit.

Equifax  https://www.freeze.equifax.com

TransUnion:  https://transunion.com/securityfreeze

Experian   https://www.experian.com/freeze/center.html

Scam of the day – January 2, 2016 – New law to protect children from identity theft

North Carolina became the latest state to enact a law providing for credit freezes for children to protect against child identity theft. Unfortunately, less than half of the states provide this much needed protection of minors from identity theft.  This is important because in recent years, children have been a prime target of identity thieves who, if they are able to get identifying information on a child such as the child’s Social Security number, can open a credit report on behalf of the child and obtain credit in the child’s name.  The identity thief never pays back the money accessed through the child’s credit and the child is burdened with a bad credit report that can have a deleterious effect on the child when he or she applies for credit, applies for a job, applies for a scholarship or applies for an apartment.

TIPS

If you live in North Carolina, you should go to the website www.ncdoj.gov/creditfreeze for information about how to put a credit freeze on credit reports of your children.  If you live in one of the other states that have similar laws, take advantage of the law, set up a credit report for your children and immediately freeze the account. And while you are at it, you should also freeze your own credit reports as your best precaution against identity theft. For information about how to put a credit freeze on your own credit reports go to the Search This Website section of Scamicide at the top of the page and type in “credit freeze.”  If your state does not have such a law, let your state legislators know that you want them to pass such a law.  I am proposing such a law in my own home state.  Also, as much as possible try to limit the places that have your child’s Social Security number and become familiar with the Family Educational Rights Privacy Act which helps you protect the privacy of your child’s school records and lets you opt out of information sharing by the school with third parties.  Finally, the security company AllClear ID (www.allclearid.com) provides a free service called ChildScan which not only searches credit records tied to your child’s Social Security number, but also checks employment records, criminal records and medical records to recognize at an early stage if your child has become a victim of identity theft.

Scam of the day – December 12, 2015 – Georgia voters at risk of identity theft

Not all data breaches are caused by hackers breaking into the computers of companies and governmental agencies in an effort to steal personal information that can be used for purposes of identity theft.  Sometimes the data breaches that expose personal information of people involved with companies and governmental agencies occurs due to the negligence of those holding the information.  This, however, is of little consolation to those people whose personal information has been exposed and made available to people who can then use that information for purposes of identity theft.  In October the Georgia Secretary of State’s office mistakenly distributed CDs containing personal data including Social Security numbers and birth dates on 6.2 million registered voters to twelve organizations that regularly purchase voter lists maintained by the Secretary of State.  Among the groups receiving the CDs were state political parties, news media organizations and Georgia GunOwner Magazine.  An investigation is ongoing as to how this occurred.  The Secretary of State has indicated that all twelve CDs have been retrieved, but at this time, no one knows who may have gotten access to the personal information contained on those CDs before they were retrieved.  Now Georgia Secretary of State Brian Kemp has announced that those affected voters will be provided with a year of free credit and identity theft monitoring services through CSID services.  Those people affected by the data breach will be able to sign up for these services within the next few weeks.

TIPS

If you are a registered voter in Georgia, you can contact the Secretary of State’s office for updated information about the data breach and what you can do to protect yourself from identity theft by calling the Secretary of State’s office at 404-654-6045.  A link to CSID’s website where affected people can sign up for credit and identity theft monitoring services will be provided on the Secretary of State’s website www.sos.ga.gov as soon as the services are available.  Meanwhile, if you are a registered voter in Georgia and therefore in danger of identity theft due to this information being distributed, you should consider putting a credit freeze on your credit report at each of the three major credit reporting agencies as a proactive measure that will provide you with greater protection from identity theft than you will get from credit and identity theft monitoring services.  Go to the archives of Scamicide and type in “credit freeze” for information as to how to set up a credit freeze on your credit reports.