We have had many clients contact us regarding last week’s report of a data breach at Equifax. This is a serious issue that we are monitoring very closely.
A data breach at Equifax – which is one of three main credit reporting bureaus in the country that calculate credit scores – has exposed the sensitive data of as many as 143 million people. Hackers may have accessed information including full names, Social Security numbers, addresses, birthdates and some driver’s license and credit card numbers.
While we do not know yet the full extent of what happened, we want you to understand your options and be able to decide where to go from there.
HAVE YOU BEEN IMPACTED?
We believe that with an event of this scale, it is reasonable to assume that your data was exposed and to take precautions no matter what.
Equifax has set up a website – www.equifaxsecurity2017.com – where you can check to see if your data may have been compromised.
In response to the breach, Equifax has offered the public a free credit monitoring service for a year. There are additional steps you can take to lessen the potential impact.
WHAT ARE YOUR OPTIONS?
We have been assessing the situation and here are some suggestions:
- Request and Review Your Credit Report: We recommend you take a look at your personal credit report. You can download and save your credit report for free once a year from the three credit monitoring firms – Equifax, Experian and TransUnion – at www.annualcreditreport.com. (You could rotate doing one firm every four months to cover more of the year.) This way, you will have today’s information saved in the event of any future breach of your security.
- Consider Purchasing a Credit Monitoring Service: This would be like paying a security guard to watch your credit and alert you when your personal information is used. When you buy a credit monitoring service, you will get a proactive email whenever credit is applied for in your name. You also get a monthly report, and you can check online any time to see if there has been activity. Some of the many services available are Identity Guard, Identity Force and LifeLock. In general, they all charge a monthly subscription fee of around $20.
- Consider a Temporary Fraud Alert on Your Credit: You can request this from each of the three credit reporting companies. This is free and lasts for 90 days. After that you will have to renew it. Creditors will still have access to your credit file, but they must first contact you to verify your identity before extending credit.
- Consider a Credit Freeze: If you’d like to completely restrict access to your credit, you can request a credit freeze by contacting all three credit bureaus directly. Generally it will cost $5 to $10 per company. If you won’t be applying for new credit in the near future, this is a good option and would most likely give you the greatest peace of mind. It will remain in place until you ask to remove it completely, but you can always temporarily unfreeze it if you do need to apply for credit.
- File Your Tax Return as Early as Possible in 2018: If you file an early tax return, you will be able to protect yourself from someone who could file and collect your tax refund before you do. Additionally, you could ask for a personal ID number in order to submit your return.
MISSION WEALTH’S SECURITY SAFEGUARDS
We take the topic of security very seriously at Mission Wealth. The biggest vulnerability is human, so all of our associates are run through a background check. Trading and money movement authority is limited to a few.
Here are a few of the other precautions we take to reduce cybercrime:
- All wire or distribution requests have to be verified with a phone call.
- Any distribution requests to addresses or non-linked accounts (such as indicated above) can’t be done without you signing new paperwork authorizing such a distribution (per Schwab and Fidelity rules, they will not act on instructions from our office without your signature).
- If someone (including you) tries to change your address, you are notified of such a change, and your account is put on distribution restrictions for a period of time.
Additionally, our client portal uses the following 4 levels of security on transmission / viewing:
- SSL 128bit encryption
- X509 certificate
- Time stamping with time limited allowed variation
- SSL HTTPS encryption using a private key
Access is only granted with a valid user name, unique password including numbers and a private “phrase.” Site access is also nsProtect™ monitored.
Helpful cybersecurity information: