PM - RentTrack

How to Protect Your Identity After a Big Data Breach

January 05, 2018

Are you one of the 145+ million people affected by the Equifax breach in 2017? When hackers exploited a flaw in a tool for building web applications to access information stored by Equifax, one of the three major credit bureaus, millions of consumers had personal and financial info exposed. If you were one of them– and if even if not – you may be more concerned than ever before about your online privacy and security.

If you’re not sure if your information was compromised, then go to Equifax’s website and follow the directions there to find out if your personal information was impacted.

Airtight cybersecurity is always a concern, and there are numerous steps you can take to make sure you’re not susceptible to identity fraud. A great first step to make sure your private information is not compromised is to monitor your credit. This allows you to see any changes in your credit report, such as unauthorized or fraudulent charges. It also allows you to stay on top of any negative credit information on your report, so you can respond to or dispute any information that may be inaccurate.

Another option is to freeze your credit with the three top credit bureaus: Equifax, Experian, and TransUnion. This service may be included with a credit monitoring service you already use, or you can do it yourself. (This may require a fee, and can be somewhat labor intensive.) A credit freeze may be right for you if you aren’t going to open any new credit card accounts and/or are not planning on buying a home or buying or leasing a car any time soon. However, you can temporarily or permanently lift the freeze if/when you decide to take any of those actions.

It’s important to note that a freeze will not affect the ability for existing creditors or authorized reporting companies like RentTrack to report information such as rent payments to credit bureaus. However, it will prevent scammers from opening up new, fraudulent accounts in your name.

Keeping your private information safe online while still taking action to build your credit profile is not a problem if you know what to look for in terms of cybersecurity. The following are important things to consider when evaluating whether or not to trust a new company with your personal or financial information:

1) Make sure the company is PCI Compliant.

Whenever you do business with any online merchant, make sure they comply with the Payment Card Industry Data Security Standard (PCI DSS). This set of security standards, launched in 2006, was created to ensure that all companies that accept, process, store or transmit credit card information maintain a secure environment. Because it’s on the brand or company to guarantee compliance, make sure they have a rigorous process in place to keep your sensitive data safe.

2) Look for other indications of high-level security compliance.

In addition to PCI, there are other cybersecurity compliance measures that can and should be met by online businesses. For example, since at RentTrack we work with all three credit bureaus, we conform to specific requirements such as the EI3PA, which is Experian’s compliance requirement to protect consumer’s credit data. It differs from PCI in that it provides protection of Experian-provided data versus cardholder data. And it’s also approved exclusively by Experian, not by the card issuer, issuing bank or the assessor.

3) Know the governmental rules & regulations related to compliance and cybersecurity.

Did you know that there are specific federal rules and requirements designed to enforce anti-money laundering and prevent identity theft? The United States Financial Crimes Enforcement Network (FinCEN) holds businesses accountable through KYC (“Know Your Customer”) and AML (“Anti-Money Laundering”) regulations. This ensures all parties are verified in a given transaction.

4) Be sure the company regularly implements security scans.

Never do business with an online company that doesn’t provide information about its Security Sockets Layer (SSL) Certificates or other security practices. SSL is a protocol that provides secure, encrypted communications between a website and an internet browser. Look for trusted names like McAfee and Norton to be sure that the online company you’re doing business with subjects their computer systems to regular scans for compliance, malware, and other security-related issues.

5) Check to be sure other security practices, like encryption, are ironclad.

Often, you’ll easily be able to find information about the extent to which an online company encrypts their data – other times, you might need to look at the fine print for details. It’s worth taking the time to do so, and you’ll likely find details about encryption in a company’s privacy policy. It’s also a good idea to check to see if your personal, credit or banking data is stored on an online business’ servers. (Ideally, that shouldn’t be the case.)

While most financial institutions are responsive and helpful when you have been the victim of identity theft, the best way to avoid the inconvenience and stress of such a situation is to prevent it from happening it in the first place. Take the steps necessary to be sure your information is safe and secure — don’t let someone else’s breach become your burden.