A recent breach of almost 3 billion personal information included a lot of Social Security numbers. Was it one of them? How to check and what to do to stay safe.
Most likely, you have never heard of National Public Data. This is the company that gets money by selling credit card companies, employers, and private investigators access to your personal information.
Now it looks like the hacker group USDoD took about 2.9 billion of its records. There is a good chance that your information, possibly even your Social Security number (SSN), is there.
For only $3.5 million, USDoD was willing to sell this information. In a strange twist, Fenice, another threat player, stole the data and put it on the dark web before USDoD could make money from it.
How bad is it really? Vx-Underground, a security company, says that the stolen material includes
- First name
- Last name
- Address
- Address history (three decades’ worth)
- Social Security number
There was also news from Vx-Underground that “the database does not contain information from individuals who use data opt-out services.” People can use these sites or services to tell a business or group that wants to keep their records that they don’t want them.
Though it’s good to know, it may be too late for many of you.
Identity theft and fraud can be done with the 277GB of info that was leaked. The breach may not touch all 2.9 billion unique people because each person has more than one record, but it is still a big problem. People can use the information to make fake accounts, borrow money, or even cheat on their taxes.
How to find out if your SSN was leaked
Pentester, a personal security business, has a website that can tell you if your SSN was leaked. You have to type in your first and last name, your birth year, and the places you’ve lived in. The site will show you a chart with your address and the last two numbers of your SSN if your SS number was stolen.
Try looking for records that are linked to different last names or states if you can’t find the ones that are linked to your current state or name.
When I tried this tool, it showed me real records.
Pentester co-founder Richard Glaser said, “Your name, address, and phone number may change, but your social security number stays the same.”
When you ask for a loan, credit card, or investment, financial institutions use your SSN to make sure you are who you say you are and to follow the rules. It’s how people know who you are if you’re a US citizen. Because of this, it is very important to check if your SSN is available.
How to monitor your credit reports
If your SSN was leaked, check your credit reports from Experian, Equifax, and TransUnion for any activity that wasn’t allowed. Do this regularly from now on out as well.
Use the websites of the credit companies to report any transactions that seem fishy. You can also freeze your credit to stop people from opening new accounts in your name.
Your credit can be frozen through Equifax Credit Freeze, Experian Credit Freeze, and TransUnion Credit Freeze. Some credit repair companies, like Credit Karma, can also help you freeze your credit.
Now is the time to protect yourself from identity theft and keep an eye on your credit report if you think your information has been misused. ZDNET says that Aura is the best service of its kind generally.
But using these services isn’t enough.
Beware of phishing attempts
You should also watch out for phishing scams. Watch out for emails, texts, or calls that try to get personal information from you. Scammers will use your stolen information to make fake attacks that look real.
For example, I recently got an email that seemed to be from my bank and included my address. It said that my account had been hacked and that I needed to change my password right away by clicking on the link in the email.
Do not believe that message, even if it seems to be warning you of something terrible or offering something that seems too good to be true. Do not click on any links in these kinds of emails or texts.
What to do if you’ve clicked on a phishing link
Don’t worry if you clicked on a fake link. Do, however, take these steps right away:
- Right away, disconnect from both the internet and your home network. This stops any malware that might be out there from spreading or talking to other malicious sites.
- Use a portable hard drive or a USB stick to save copies of your important files. This keeps your data safe in case it gets lost or damaged.
- Do a full check for viruses. Didn’t get one for your phone? Then, you should download an antivirus program to a different computer, put its setup file on a USB stick, and then put that stick into the computer that is infected.
- Make sure you have new passwords for all of your online accounts, especially the important ones like your bank and credit card accounts. For each account, use a strong, unique password, and think about using a password organizer.
- Turn on two-factor security. When you can, turn on multi-factor authentication (MFA) for all of your accounts. This makes things safer in more ways.
- Keep an eye on your important online accounts. Get in touch with the company right away if you see anything fishy.
What to do if your SSN is compromised
To stop someone from using your SSN without your permission or against the law, do the following:
- Log on to IdentityTheft.gov and report the theft to the Federal Trade Commission (FTC). This service will help you through the process and make a recovery plan just for you.
- You should make a report to the cops in your area. The cops may not be able to look into it right away, but having a report can be useful as proof.
- Keep an eye on your credit reports to find any accounts or behavior that you didn’t authorize. AnnualCreditReport.com lets you get free credit records every week.
- As I already said, you should freeze your credit reports at all three of the big credit bureaus: Equifax, Experian, and TransUnion. No new accounts can be made in your name after this. You can also put a fraud alert on your credit record, which makes companies check your identity before giving you credit.
- Check your Social Security Statement for any strange behavior, like income that wasn’t reported.
Next, get in touch with the Internal Revenue Service (IRS) to stop any possible tax theft. Do these things:
- Call the IRS at 1-800-908-4490 to get in touch with the Identity Protection Specialized Unit. This line’s only job is to help people who think their tax funds have been used to steal their identity.
- Fill out an affidavit about identity theft: Finish IRS Form 14039, which is used to let the IRS know about possible identity theft. You can take it to IdentityTheft.gov online and have it sent to the IRS, or you can download the form from the IRS website and send it with your tax return to the address on the form.
- Respond to Notices from the IRS: If you get a notice from the IRS saying that your SSN has been used illegally, read the notice and do what it says. Usually, these kinds of warnings are sent through the mail. Then, you might have to send in a Form 14039 or some other kind of ID to prove who you are and solve the problem.
This step-by-step process can take a long time. Your name can be stolen, though, if you don’t check your accounts and, if necessary, make sure they are safe. Identity theft is much worse to fix than to avoid in the first place.
After that, be careful and keep checking your accounts and credit reports often. If you see anything fishy going on, you should report it right away to the right officials and financial institutions. You can’t just deal with this threat once and forget about it. It’s one that will last all through your life.
Leave a Reply