One in 143 million
Unfortunately, you may have found yourself in the same situation as 143 million other Americans whose information was recently compromised by the Equifax hack.
What should you do now? Experts urge people to immediately freeze their credit and accounts. However, is this method secure enough?
Having your identity stolen is serious. With everything out of place, what to do next can be a confusing process. The immediate steps that should be taken are to freeze all of your accounts, which some people opted to do with Experian, a credit reporting agency.
Freezing your credit is typically a free service for identity theft victims.
It is a secure way to ensure that no one can access your credit reports and accounts but you. In order to gain access to accounts, users are required to provide a unique PIN. The whole process is typical for identity theft victims. However, after the major cyber-attack that Equifax suffered, some doubt that providing a PIN is enough.
The PIN Problem
This doubt stems from how Experian dealt with users who forgot their PIN. Similarly to when you forget your password to any other account, customers can request a new PIN by providing personal information.
Some of this information includes your home address, social security number or date of birth. Experian also has a second verification hurdle to jump which include a series of personal questions, such as a previous address.
The problem is that after a hack, this information is not so hard to find.
It is likely that hackers have most of the answers to these questions and what they may not have, they can make up for with the help of social media. This leaves the once secure PIN open to much vulnerability.
Fool me once
Once your personal information has been stolen, the last thing you want is to have it happen again. Though certain credit reporting agencies may promise security, it can get harder and harder to trust them.
Experian has verified that they have additional processes that they do not disclose in order to further protect their customers. Still, could the security practices be more efficient to prevent further fraud?