Identify Theft: What to Do if Your Data is Compromised

by Michael on Oct 22, 2012 · 1 comment

Photo of Credit Cards on a Keyboard with a Lock

I recently received a letter from my employer stating that their computer systems had been breached and that my name, address, and Social Security number (SSN) had been compromised.

As it turns out, I’m not alone in this.

My data was apparently part of a much larger file that was stolen by the hackers. The good news is that I found out about it quickly and my employer is being proactive in offering free credit monitoring, at least for awhile. But still…

I’m now at increased risk of identity theft, credit fraud, etc. If you find yourself in a similar position, what should you do?

Request a fraud alert

For starters, you should place a fraud alert on your credit file. To do this, contact any of the three major credit bureaus (Equifax, Experian, and TransUnion) and request the fraud alert. Since this information is shared across companies, contacting one should be enough.

You can request the alert online or over the phone. Once completed, you should receive written confirmation from all three that the alert is in place. With the alert in place, credit issuers shouldn’t approve any applications without contacting you.

Note: Here is the contact information for the credit bureaus.

Also, when you place an alert, you will also be given instructions for getting a free credit report from each of the three bureaus. Note, however, that the FTC recommends waiting about a month before checking your report because it takes a bit of time for things to show up.

Review your credit reports

Once your free credit reports arrive, be sure to review them carefully. In addition to checking for accounts that you don’t recognize, you should also check to be sure that your personal details are accurate.

If you find any discrepancies, report them to the credit bureau immediately and immediately follow up on any accounts that you don’t recognize.

Consider extending the fraud alert

The initial fraud alert is good for 90 days. However, the letter that you’ll receive confirming that the alert is in place will include instructions for extending the alert. The extended alert stays in place for seven years.

The only downside of having a fraud alert in place is that it prevents automated approvals on credit applications and there’s a decent chance that the issuer won’t follow up to confirm your request. Thus, a fraud alert can inadvertently block legitimate credit applications.

Consider freezing your credit

If you’re looking for something stronger than a fraud alert, consider placing a credit freeze (or “security freeze”) on your credit record. Doing so locks down your credit reports, thereby preventing anyone (including you) from doing anything that requires access to your credit record. When you freeze your credit, you’ll receive a PIN code or password for temporarily lifting or completely removing the freeze.

The advantage of a credit freeze is that it’s likely to be more effective than a fraud alert (which are sometimes missed or ignored by credit issuers). That being said, having a credit freeze in place can delay or prevent the approval of all kinds of applications. Yes, you can unlock your report, but keep in mind that you might need a bit of lead time.

Keep checking your credit reports

If you’re lucky, you’ll be offered free credit monitoring in conjunction with the loss of your data. If not, you can do something similar yourself. As you’re likely aware, you’re entitled to a free credit report from each of the three bureaus once per year. To access these reports, start by visiting

But instead of requesting all three at once, spread them out to cover the year. Assuming that you followed up after placing the fraud alert, you’ll have check all three reports roughly a month after your data was compromised. From that point forward, check one of your three credit reports every four months.

Since all of you reports should contain much the same information, this is a good way of catching nefarious activity over time vs. using up all your reports at once.

Be vigilant

And finally… Be on the lookout for anything suspicious going forward — credit cards you haven’t applied for, being offered less than stellar terms on your legitimate credit applications, calls or letters from collection agencies, etc.

All of the above are possible signs that someone has been masquerading as you to secure (and abuse) credit in your good name.

1 Kevin @ Credit Bureau Insider October 29, 2012 at 3:43 pm

The most common tactic for a crook using a fake identity is to first change the address on the credit report. That allows them to apply for new credit at the new address without the real person learning of the activity.

When checking your reports make sure you look at the current address information first. Contact the bureaus if a new address does not belong to you.

Comments on this entry are closed.

Previous post:

Next post: