The Equifax Data Breach And What You Need To Know

The Equifax Data Breach And What You Need To Know
You likely have read that hackers broke into the Equifax database (one of the three major credit bureaus) and stole personal information tied to 143 million people – more than half of the U.S.’s adult population.  The hackers accessed people’s names, Social Security numbers, birth dates, addresses, and driver’s license numbers. They also stole credit card numbers for about 209,000 people.  Your data will likely be for sale to criminals who can use it to open new lines of credit or file phony tax refund requests. So here’s what you need to know. 

Regarding Your Investments:

Rest assured you don’t have to worry about the security of your investments managed by True Wealth Design and held at Pershing, a wholly-owned subsidiary of BNY Mellon – the world’s largest custodian with more than $30 Trillion in assets under custody. Some important items to note about our internal procedures to securely handle cash transactions:
  1. We always call clients to verbally confirm when we receive an email or voicemail request for money. Since we work with a limited number of clients and have personal relationships with them all, we can easily sense if someone is an imposter and an email account is hacked, etc. Large financial institutions and call centers cannot say the same.
  2. Money can only be transferred by mailed check to your home address on file (change of address requires a wet signature on a form) or to your linked bank account (linking requires a voided check and wet signature on a form).

  3. We do not utilize wire transfers except in limited circumstances as requested by the client. In these instances, not only is True Wealth Design speaking directly with the client to confirm the request is legitimate but the custodian also calls the client in addition to verifying the signature.

Regarding Equifax and Your Credit:

Equifax compounded its public relations nightmare by sending people to a website to find out if they were affected, and then including language so that anyone signing in to get this information had to waive rights to join a class action suit against the company should their identities be stolen and financial harm come to them. The negative publicity forced Equifax to delete the waiver.
However, when you sign into the web page to find out if you were affected (the link is here), the site requests the last six digits of each person’ social security number—and guessing first three isn’t as hard as you might think since different regions of the country use pre-assigned digits.  Given Equifax’s lax data security, the company’s request for additional personal information is worrisome.
If you have credit, then there’s a high probability that identity thieves now have your Social Security number and address.  To contain the potential damage, the U.S. Federal Trade Commission recommends that you take several steps immediately. 
  1. Request your free credit report. Under federal law you’re allowed to request a free copy of your credit report once a year from each of the three credit reporting agencies: Equifax, Experian, and TransUnion—at You can do this every 122 days by rotating among the agencies.  Look for suspicious accounts or activity that you don’t recognize—such as someone trying to open a new credit card or apply for a loan in your name.  If you do see something, visit to find out how to mitigate the damage.

  2. Reissue cards. Call your existing credit card companies and say you lost your card. They’ll issue a new one with a new number for the same account. This way if the thieves have a credit card number, it’s an invalid one.
  3. Monitor your bank and credit accounts.  The credit report won’t tell you if there’s been money stolen from a bank account or suspicious activity on your credit card.  Unfortunately, you’ll have to turn this into a habit.  In most cases, theft happens over time, starting with small amounts stolen from across your accounts. 

  4. Place a fraud alert on your account.  You can put a fraud alert, for free, by contacting one of the credit agencies, which is required to notify the other two.  This will warn creditors that you may be an identity theft victim, and they should verify that anyone seeking credit in your name is really you.  The fraud alert will last for 90 days and can be renewed.

  5. Consider putting a freeze on your credit. A freeze blocks anyone from accessing your credit reports without your permission—including you.  This can usually be done online, and each bureau will provide a unique personal identification number that you can use to “thaw” your credit file in the event that you need to apply for new lines of credit sometime in the future. Fees to freeze your account vary by state, but commonly range from $0 to $15 per bureau.  You can sometimes get this service for free if you supply a copy of a police report (which you can file and obtain online) or affidavit stating that you believe you are likely to be the victim of identity theft.

  6. Consider a credit monitoring service. Many Americans have opted to sign up for a credit monitoring service, which won’t prevent fraud from happening, but WILL alert you when your personal information is being used or requested.  In most cases, there is a cost involved, but Equifax is offering a free year of credit monitoring through its TrustedID Premier business, whether or not you’ve been affected by the hack.  It includes identity theft insurance, and it will also scan the Internet for use of your Social Security number—assuming you trust Equifax with this information after the breach. (Note: Capital One credit cards provided a free service called Credit Tracker that you can use to monitor your accounts and any new credit inquiries. If an inquiry is made that you’re not aware of, contact the bureau’s to ensure it’s not fraud-related.)

  7. Opt-out of credit offers sent via mail. ID thieves like to intercept offers of new credit sent via postal mail.  If you don’t want to receive prescreened offers of credit and insurance, you have two choices: You can opt out of receiving them for five years by calling toll-free 1-888-5-OPT-OUT (1-888-567-8688) or visiting You can also permanently opt-out by returning a signed Permanent Opt-Out Election form, which will be provided after you initiate your online request.

If you are a client and need assistance or have questions on any of the information above, please do not hesitate to contact us.
Kevin Kroskey, CFP®, MBA 

President & Senior Wealth Advisor


This article adapted with permission from