Fraud Prevention Blog

10 of the Biggest Data Breaches of 2015

Posted by Stephanie Cho on Tue, Feb 09, 2016 @ 10:25 AM

If you’ve been paying attention to the news, you’ve probably noticed something: the rapid rise of data breaches. As the world becomes more and more interconnected and technology-dependent, more and more data is being stored online rather than the traditional method of filing away all the data on paper in file cabinets. While having an online database can exponentially streamline processes and therefore save businesses time and money, it can also open up businesses to security breaches by virtually anyone from anywhere in the world.

Before EMV became the standard in the United States, data thieves set their sights on payment card information: credit/debit card numbers along with the account owner’s name and billing address. However, thanks to the beefed-up security protocols provided by the EMV standard, thieves are finding it harder to create fraudulent payment cards that work and are now going after the data needed to create fraudulent payment cards and other financial channels, such as mortgage loans.

While it’s a bit of a relief that actual payment card numbers seem to be safer than in the past, the landscape of data theft is much more treacherous – the thieves are now targeting data that can compromise your entire identity. Now, if your any of your data gets stolen in a data breach, you can’t resolve the issue by simply canceling whichever payment card was compromised since thieves can open new payment cards in your name. Now, you have to monitor your credit report for years after the breach and spend a great deal of your time reclaiming your identity in the event it is used fraudulently in any way.

The following is a list of the ten biggest data breaches in 2015. It is worth noting that these may not actually be the biggest breaches since organizations who have suffered data breaches often do not disclose how many records were affected; the list is composed of organizations who have released the amount of records that were affected.

1.

UCLA Health Systems Building in Santa Monica
A UCLA Health Systems Building in Santa Monica | Photo courtesy: townhall.mednet.ucla.edu/

Total amount of records compromised: 4.5 million
Who? UCLA Health System – Los Angeles, CA
When did the data breach start/occur? As early as September 2014
When was the data breach noticed? May 5, 2015
When was the data breach reported? July 7, 2015
What was compromised? Names, addresses, birthdates, SSNs, medical record numbers, Medicare/health plan ID numbers, and medical information such as medical conditions, medications, procedures, and test results
Was payment card information compromised? No
How did the data breach occur? In October 2014, UCLA Health noticed some suspicious activity on one of their computer servers but was unable to confirm that their network had been compromised after an investigation. On May 5, 2015, their network was breached by hackers. The hackers had installed a ‘backdoor’ into the system that they used to access the servers at the later date; this backdoor was not noticed by investigators 8 months earlier.
Although there has been no evidence that the hackers accessed patient information, investigators have been unable to conclusively rule out the possibility that they were actually accessed. At the time of the data breach, UCLA Health had not taken steps to encrypt patient information.

Whose records were compromised? UCLA has notified UCLA has not made it publicly known whichpatients have been affected - i.e., the time period of the records that were compromised – so if you have personal/medical records at UCLA Health and have not received a notice from them, your record has likely not been compromised.
What to do if your record was compromised? For those with compromised records, UCLA Health has offered 12 months of free identity theft recovery and restoration services along with a $1,000,000 insurance reimbursement policy and additional healthcare identity protection tools through ID Experts.
For those who also had their Social Security number or Medicare identification number compromised, UCLA Health has offered an additional 12 months of free credit monitoring. Please note that neither UCLA Health nor ID Experts will call potentially affected individuals without their consent.
If your record has been compromised and would like to sign up for these free services, please contact ID Experts at 877-534-5972 Monday-Friday 6AM-6PM PST or visit www.myidcare.com/uclaprotection. The deadline to enroll for these free services is March 6, 2016.

Additional information:
https://www.uclahealth.org/pages/data2015.html
http://www.myidcare.com/uclaprotection
http://www.latimes.com/business/la-fi-ucla-medical-data-20150717-story.html


2.

Scottrade Logo
Scottrade Logo | Image courtesy: scottrade.com

Total amount of records compromised: 4.6 million
Who? Scottrade – St. Louis, Missouri
When did the data breach start/occur? Late 2013 - Early 2014
When was the data breach noticed? Late August 2015
When was the data breach reported? October 1, 2015
What was compromised? Names, addresses, SSNs, email addresses, and other sensitive data
Was payment card information compromised? No
How did the data breach occur? Scottrade had no knowledge that their network had been hacked until they were contacted by federal law enforcement officials who had been simultaneously investigating data theft cybercrimes at other financial service companies. It is unclear who perpetrated the hack or how they did it; the investigation into this data breach is still ongoing.
Whose records were compromised? Client contact information from customers prior to February 2014 was compromised; if you became a client after this time, your records should be uncompromised. If you were a client prior to February 2014, your account information likely has been compromised and you should have been contacted by Scottrade via letter or email.
What to do if your record was compromised? For those with compromised records, Scottrade has offered 12 months of free identity protection services, as well as identity repair and additional credit monitoring, through AllClear ID. Steps on how to sign up for this free service are contained in the letter/email that was sent out to affected clients.
If you have questions regarding the security of your account information, please contact AllClear ID at 855-229-0083 available Monday-Saturday 8AM-8PM CST. Please note that neither Scottrade nor AllClear ID will ask you for your account number, password, or other private information. Do not give any answers if you have been asked for such information – instead contact phishing@scottrade.com to report the fraudulent request.

Additional information:
https://about.scottrade.com/updates/cybersecurity.html
https://oag.ca.gov/system/files/Scottrade%20California%20notice%20only%20_0_0.pdf


3.

VTech Tote & Go Toy
VTech Tote & Go Toy | Photo courtesy: diapers.com

Total amount of records compromised: 4.8 million parents’ and 6.4 million kids’ worldwide
Who? VTech – Arlington Heights, Illinois
When did the data breach start/occur? VTech – Arlington Heights, Illinois
When was the data breach noticed? November 23, 2015
When was the data breach reported? November 27, 2015
What was compromised? Names (including children’s names), addresses, email addresses, birthdates, passwords, security questions and answers for password retrieval, IP addresses, download history, device purchase history, children’s genders, children’s photos, chat logs
Was payment card information compromised? No
How did the data breach occur? On November 23, 2015, VTech was notified of suspicious activity on their website through a joint effort by Troy Hunt, a writer who specializes in web security, and Lorenzo Bicchierai, a writer for VICE Motherbord. After conducting an internal investigation on November 24th, a data breach was confirmed on November 26th. On November 27th, VTech published a statement on their global website confirming that there was unauthorized access to their databases.Although the investigation is still officially ongoing, authorities have arrested a 21-year-old man on December 15th in Bracknell, England in connection to the data breach. The suspect claims that he did not intend to profit off the data breach, but rather, wanted to show the public just how weak VTech’s security measures were. VTech claimed that their databases were hacked through an “orchestrated and sophisticated attack”, the suspect, however, claims he used a simple hacking technique to accesses the databases.
Whose records were compromised? VTech customer data on VTech’s Learning Lodge app store, the PlanetVTech website, and Kid Connect servers were all compromised. The Learning Lodge app store, Kid Connect, and other affected VTech websites were suspended after the hack was discovered.
On November 27th, VTech sent out email notifications to all affected customers. The Learning Lodge app store re-opened on January 23, 2016; VTech is currently working on bringing Kid Connect back online. VTech has no plans to re-open the PlanetVTech website as well as the aforementioned websites.

What to do if your record was compromised? It is recommended that you immediately change usernames, passwords, and answers to security questions to any sites/services that were also used as login credientials on VTech related sites. If you have any questions in regards to the VTech data breach and how it affects your information, please contact vtechkids@vtechkids.com.
Additional information:
https://www.vtech.com/en/press_release/2016/faq-about-cyber-attack-on-vtech-learning-lodge/
http://www.troyhunt.com/2015/11/when-children-are-breached-inside.html
https://www.vtech.com/en/press_release/2016/faq-about-cyber-attack-on-vtech-learning-lodge/


4.

State of Georgia Secretary of State Brian P. Kemp Seal
Brian P. Kemp, Secretary of State, Georgia, Seal | Image Courtesy: csid.com

Total amount of records compromised: 6 million
Who? Secretary of State, Brian Kemp - Fulton County, Georgia
When did the data breach start/occur? October 3, 2015
When was the data breach noticed? By an employee: October 13, 2015; by Brian Kemp: November 13, 2015
When was the data breach reported? November 18, 2015
What was compromised? Names, birthdates, driver license information, and Social Security numbers
Was payment card information compromised? No
How did the data breach occur? There are two sides to this story.
In late summer of 2015, Cooley, an employee of Brain Kemp, said the office received a request from the Georgia Department of Revenue for voter files, along with voter Social Security numbers, birthdates, and driver license numbers. Legally, voter files are only supposed to contain data on each individual voter’s name, residential/mailing address, race, gender, registration date, and last voting date, and are sent to legally-entitled groups who request voter information.
After receiving approval for the request from the office’s lawyers, on October 3rd, Cooley asked PCC Technology Group - an outside firm that manages data for the office - to organize the data and input that data into a separate file that was to be given to the Georgia Department of Revenue. Cooley contacted PCC again on October 13th to inquire about the status of the data; he was informed by PPC that the data organization was completed the day of the request. However, due to a misunderstanding, PCC had uploaded the data onto the state’s existing statewide voter file, rather than a separate file.
Once Cooley learned that the data had been uploaded to the wrong file, he had PCC immediately remove the data and verified that no one had pulled the file from the database in which it had been uploaded. After verifying that the file had not been accessed, Cooley did not report the incident to his supervisor or anyone else in the office. Unfortunately for Cooley, another employee had already downloaded the data and burned it onto 12 compact discs to send to organizations that had subscribed to the office’s monthly voter data list. Cooley was unaware this employee had downloaded the data because it was downloaded directly onto the employee’s computer and not the office’s network, breaking security protocol. The employee had also not double-checked the data for accuracy before sending out the discs, which was supposed to be done according to the office’s procedure.
The Secretary of State’s office, however, claims that it was Cooley himself who had not only made the mistake of uploading the data to the wrong file in the first place, but that it was he who had removed the data from the file once the mistake was discovered, and so, fired Cooley for the data breach. Cooley maintains that he did not have the security access to manipulate the data himself – PCC was the only one who was able to do so. PCC has declined to comment on this matter.
It was on November 13th that Brain Kemp first learned of the data breach. However, his office did not publicly report the breach until a class-action lawsuit was brought against his office on November 17th alleging that there was a data breach. On November 18th, Kemp had a formal, public announcement that his office had accidentally released illegal voter data and on November 19th, he announced that all discs that had the information in question had been collected and destroyed, and that all recipients confirmed that the data had not been compromised on their end.

Whose records were compromised? All residents of Georgia who were registered voters as of October 13, 2015 had their birthdates, driver license information, and Social Security numbers accidentally released.
What to do if your record was compromised? Brian Kemp’s office will be offering 12 months of free credit and identity theft monitoring services through CSID for all voters whose personal information was exposed. Furthermore, if anyone’s identity becomes compromised within a year of the data breach, free identity theft restoration services will also be offered. Affected voters can obtain these services via https://www.csid.com/gasos/. Affected voters who have questions regarding the data breach can call the Secretary of State’s voter hotline: 404-654-6045. If you learn that your driver license information has been compromised, please contact the Department of Driver’s Services via www.dds.ga.gov/aboutus/contactus.aspx#_ for instructions.
Additional information:
http://sos.ga.gov/index.php/elections/statement_on_voter_data_security
https://www.csid.com/gasos/
http://www.ajc.com/news/news/state-regional-govt-politics/suit-accuses-georgia-of-massive-data-breach-involv/npQLz/


5.

Excellus Blue Cross Blue Shield Logo
Excellus Blue Cross Blue Shield Logo | Image Courtesy: excellusbcbs.com

Total amount of records compromised: 10 million-10.5 million
Who? Excellus Blue Cross Blue Shield - Syracuse, New York
When did the data breach start/occur? December 23, 2013 - May 11, 2015
When was the data breach noticed? August 5, 2015
When was the data breach reported? September 9, 2015
What was compromised? Names, birthdates, SSNs, addresses, phone numbers, member ID number, claims/financial account information, and a handful of credit card numbers
Was payment card information compromised? Yes
How did the data breach occur? Due to the many data breaches that occurred during the year to other health insurance providers, Excellus hired FireEye’s Mandiant incident response department to run an independent assessment of the security of their IT system. On August 5th, while conducting the assessment, Mandiant noticed that Excellus’s IT system had already been breached; Excellus notified the FBI and other law enforcement officials right away.
Excellus has since not revealed much about the details of the hack – how the IT system was hacked, who the perpetrators were, etc. – other than to say that there has been no evidence that the data in the IT system was actually removed. There have been several lawsuits filed alleging that data from the hack has already been used to create fraudulent financial accounts.

Whose records were compromised? The identities of members, patients, and vendors of Excellus were compromised in this data breach. Patients who had sought treatment in the 31 upstate New York counties serviced by Excellus prior to 5/11/2015 also had their identities compromised.
What to do if your record was compromised? Excellus BlueCross BlueShield is providing 2 years of free identity theft protection and credit monitoring through Kroll. Excellus mailed notices to those affected on September 9th – if your record was affected, you should have received a notice in the mail by November 9th. If you think your records were included in the data breach but have not yet received a notice, please call 1-877-589-3331 Monday-Friday 8AM-8PM EST or visit www.excellusfacts.com.
Additional information:
https://www.bcbsri.com/excellusfaq
http://www.excellusfacts.com/
http://www.wired.com/2015/09/hack-brief-health-insurance-firm-excellus-says-attackers-breached-10m-records/


6.

Premera Blue Cross Logo
Premera Blue Cross Logo | Image Courtesy: prnewswire.com

Total amount of records compromised: 11 million
Who? Premera Blue Cross - Mountlake Terrace, Washington
When did the data breach start/occur? May 5, 2014
When was the data breach noticed? January 29, 2015
When was the data breach reported? March 17, 2015
What was compromised? Names, addresses, birthdates, SSNs, bank account numbers, medical information, and other personal information
Was payment card information compromised? No
How did the data breach occur? How the data breach occurred: After discovering that their IT system had been hacked on January 29th, Premera notified the FBI and recruited the cybersecurity firm, Mandiant, to investigate the hack. To date, there have been no reports on who was responsible for the hack and how they hacked the system.
In April, it was reported that the federal government had notified Premera that an audit of their company had revealed that their digital security protocols were not up to standards, about which Premera did not act. It is through these security flaws that hackers allegedly were able to access the IT system.

Whose records were compromised? 6 million of the compromised records belonged to residents of the state of Washington who are employees of Amazon, Microsoft, and Starbucks. The 5 million other compromised records are from individuals all across the United States. It is possible that Blue Cross members who received health care services in the areas of Washington and Alaska serviced by Premera might have also had their records compromised due to the fact Blue Cross Blue Shield relies on 37 different independent companies to provide health care services – Premera being one of them.
What to do if your record was compromised? On March 17th, Premera began mailing notice letters out to affected individuals; all affected individuals should have received a notice from Premera by April 20th. To those who have been affected by the data breach, Premera has offered two years of free identity theft protection and credit monitoring through Experian. The deadline to obtain these free services was September 30, 2015. However, those who believe their data was compromised but have not been contacted by Premera are asked to call 1-800-768-5817 Monday-Friday 5AM-8PM PST.
Additional information:
http://premeraupdate.com/
http://www.businessinsider.com/government-warned-about-premera-hack-2015-4


7.

Experian Logo
Experian Logo | Image Courtesy: experian.com

Total amount of records compromised: 15 million
Who? Experian - Cost Mesa, California
When did the data breach start/occur? The exact timeframe has not been revealed; all that has been reported was that it occurred “over a limited period of time” in September 2015
When was the data breach noticed? September 16, 2015
When was the data breach reported? October 1, 2015
What was compromised? Names, addresses, SSNs, birthdates, various identification numbers (passport, driver license, military ID)
Was payment card information compromised? No
How did the data breach occur? On September 15, Experian noticed that their network server had been accessed by an unauthorized party; the database that had been accessed stored T-Mobile customer and credit application information. After investigating the hack, Experian noticed that the encryption used to protect sensitive data, such as Social Security numbers, was also compromised. To date, it is unclear exactly who or how they got into Experian’s network server.
Whose records were compromised? Some customers of T-Mobile and all those who had applied for T-Mobile financing services (regardless of whether or not they actually became a T-Mobile customer) from September 1, 2013 to September 16, 2015 had their records compromised.
What to do if your record was compromised? All individuals affected by this hack should have receieved mail notification by Experian by November 30, 2015. Experian has offered two years of free credit monitoring and identity resolutions services through ProtectMyID. The deadline to access these free services is April 30, 2016 and can be accessed by calling 866-369-0422 or by visiting www.ProtectMyID.com/SecurityIncient. If you have any questions regarding the hack or believe your data has been compromised but have not been notified, please email consumersupport@protectmyid.com.
There have been some talks of irony using the same credit bureau who had been breached for identity protection services after the fact, and so, for those who are affected and would like another option to monitor their identity, T-Mobile has offered two years of free credit monitoring, identity theft insurance, and identity restoration services through CSID. To access these free services through CSID, please visit https://www.csid.com/tmobileprotect/.

Additional information:
https://newsroom.t-mobile.com/news/experian-data-breach-faq.htm
http://www.experian.com/data-breach/t-mobilefacts.html
http://blog.fraudfighter.com/t-mobile-experian-hack-should-you-be-worried


8.

Office of Personnel Management Logo
Office of Personnel Management Logo | Image Courtesy: catalog.data.gov

Total amount of records compromised: 21.5 million, including 5.6 million individual’s fingerprints
Who? Office of Personnel Management (OPM) - Washington, District Of Columbia
When did the data breach start/occur? April 2015
When was the data breach noticed? April & Late May 2015
When was the data breach reported? June 4, 2015 & June 25, 2015
What was compromised? Names, SSNs, residency/educational history, information about immediate family and other personal/business acquaintances, health/criminal/financial history, fingerprints, usernames + passwords, other details
Was payment card information compromised? No
How did the data breach occur? In April 2015, the OPM discovered that their cybersecurity system had been hacked and that 4.2 million current and former government employees’ records had been stolen. On June 4, 2015, the OPM publicly disclosed that there had been a data breach and began notifying those whose records had been affected; they did not disclose whether or not sensitive information, such as Social Security numbers, had been stolen.
While preparing to announce the data breach, the OPM discovered that there had been a second hack in late May 2015 that resulted in the theft of even more sensitive information for millions of current, former, and prospective government employees; they discovered that Social Security numbers, along with other sensitive information, such as financial histories, were stolen. They pegged the total number of records affected in the hacks at 18 million. They publicly disclosed the second hack on June 25, 2015.
On July 9, 2015, the OPM sent out a release updating the total number of affected records from 18 million to 21.5 million. On September 23, 2015, the OPM sent out another release stating that 5.6 million fingerprints had also been a part of the information stolen in the data breach.

Whose records were compromised? 21.5 million current, former, and prospective government employees
What to do if your record was compromised? The OPM began sending out notifications to those affected in the second data breach on September 30, 2015; the OPM finished sending out notifications in mid-December. Those affected in the first breach should have already received notifications earlier last year. For those whose records were compromised as well as any children they have who were under the age of 18 as of July 1, 2015, the OPM will be giving three years of free credit and identity monitoring, identity theft insurance, and identity restoration services through ID Experts.
If you believe your records were a part of either data breach and have not received a notification yet, please contact 866-408-4555 or visit https://opmverify.dmdc.osd.mil/. Please note that you will be asked to provide your name, address, Social Security number, and birthdate in order to verify if your identity was compromised.
In about 2-4 weeks, you will then receive a letter through the US Postal Service verifying whether or not your records were compromised. If you receive a letter confirming your identity was compromised, please follow the instructions on the letter you receive for further actions. If you receive a letter confirming your identity was not compromised, no further action on your part is necessary.

Additional information:
https://www.opm.gov/cybersecurity/#FAQs
https://www.opm.gov/news/releases/2015/07/opm-announces-steps-to-protect-federal-workers-and-others-from-cyber-threats/
https://www.washingtonpost.com/news/the-switch/wp/2015/09/23/opm-now-says-more-than-five-million-fingerprints-compromised-in-breaches/


9.

Screenshot of AshleyMadison.com Home Page
Screenshot of AshleyMadison.com Home Page | Image Courtesy: techworld.com

Total amount of records compromised: 37 million
Who? Ashley Madison (owned by Canadian Avid Life Media); Toronto, Ontario, Canada
When did the data breach start/occur? About seven years ago
When was the data breach noticed? July 15, 2015
When was the data breach reported? July 20, 2015
What was compromised? Names, addresses, phone numbers, email, amount paid, four digits for each transaction, descriptions for what each individual was seeking
Was payment card information compromised? No
How did the data breach occur? On July 15, 2015, a group called “The Impact Team” announced that they had hacked AshleyMadison.com, stolen their user data, and threatened to release the data to the public if Avid Life Media, Ashley Madison’s parent company, did not shut down AshleyMadison.com as well as its sister site, EstablishedMen.com. Several days later, after Avid Life Media did not meet their demands, The Impact Team released a small sample dump of 2,700 records to prove that they had legitimate records.
On August 18, 2015, Avid Life Media had still not met their demands and so The Impact Team went ahead and released 9.7 gigabytes, which was a good chunk of the data they had accumulated over the years on BitTorrent. They released a second, much larger round user data on August 20, 2015; this release included 12.7 gigabytes of corporate emails.
The Impact Team seems to have targeted AshleyMadison.com and EstablishedMen.com on moral grounds. They also have financial motivations as well – to show that the $19 fee that AshleyMadison.com collected from users wishing to delete their profiles did not actually permanently delete their records from their system.
The Impact Team claims to also be in possession of 300 gigabytes of corporate/employee emails and other documents, tens of thousands of user pictures (a third of which prominently feature a certain body part) and user chats and messages. They say that they will not dump the user pictures and employee emails. They are considering releasing executives’ emails and documents.

Whose records were compromised? Those with accounts on AshleyMadision.com, including those who paid to delete their accounts
What to do if your record was compromised? Because no sensitive information - such as credit card numbers or Social Security numbers - that could be used to steal an identity was stolen, users of AshleyMadison.com who had their data compromised do not need to take steps to monitor your identity for fraudulent usage. However, just as it is with any other data breach, be sure to change your password, just in case.
Additional information:
http://media.ashleymadison.com/statement-from-avid-life-media-inc/
http://media.ashleymadison.com/statement-from-avid-life-media-inc-august-18-2015/
http://motherboard.vice.com/read/ashley-madison-hackers-speak-out-nobody-was-watching


10.

Anthem Logo
Anthem Logo | Image Courtesy: antheminc.com

Total amount of records compromised: 80 million
Who? Anthem; Indianapolis, Indiana
When did the data breach start/occur? April 2014
When was the data breach noticed? January 29, 2015
When was the data breach reported? February 5, 2015
What was compromised? Names, addresses, birthdates, emails, SSNs, medical IDs, employment + income information
Was payment card information compromised? No
How did the data breach occur? Sometime in April 2014, Anthem, the largest health insurance company in the Blue Cross and Blue Shield Association suffered a data breach; the records of 80 million individuals was compromised in this hack. Upon learning of the breach in January 2015, Anthem publicly released that they had been the victims of a cyber-hack on February 5, 2015 and began notifying those that had their records stolen in the data hack.
It is suspected that a state-sponsored Chinese hacking group known as “Deep Panda” is responsible for the hack due to similarities between how the group operates and the details of how the data breach at Anthem occurred.

Whose records were compromised? Current and former members of Anthem’s affiliated health plans (Amerigroup, UniCare, CareMore, and Healthplus), including members of independent Blue Cross and Blue Shield plans who had received healthcare services in areas that Anthem serves (California, Colorado, Connecticut, Georgia, Indiana, Kentucky, Main, Missouri, Nevada, New Hampshire, New York, Ohio, Virginia, and Wisconsin) as well as non-Anthem/Blue Cross members whose employers offer Anthem health plan options may have had their records compromised.
What to do if your record was compromised? For individuals whose records were compromised, Anthem began providing 2 years of free credit monitoring services and identity theft repair through AllClear ID on February 13, 2015. To enroll in these free services, please call 877-263-7995 or visit http://anthem.allclearid.com. Anthem has mailed notices via the US Postal Services to those who have been affected by this data breach.
If you believe your identity was compromised by this data breach but have not been contacted by Anthem, please call 877-263-7995.

Additional information:
https://www.anthemfacts.com/
https://anthem.allclearid.com/
http://money.cnn.com/2015/02/04/technology/anthem-insurance-hack-data-security/


Want to be In Charge of Protecting Your Own Identity?

If your record was compromised in one of these data breaches but do not want to sign up for the free identity protection/credit monitoring services offered by the affected organization, you should:

  • Obtain a copy of your credit report
    • You are entitled to one free credit report every 12 months. If you have not obtained a copy of your credit report in the past 12 months, you can request a copy by:
      • Calling 1-877-322-8228
      • Printing out an Annual Credit Report Request Form from annualcreditreport.com, filling it out, and mailing it to:
        • Annual Credit Report Request Service
        • P.O. Box 105281
        • Atlanta, GA 30348
    • If you have already obtained a free copy of your credit report within the last 12 months and would like another one, you can purchase a copy by contacting one of the three major credit bureaus (contact info for the three credit bureaus can be found below)
  • Place a fraud alert on your credit report - There are two types of fraud alerts that you can place on your credit report: an initial alert or an extended alert. You can place a fraud alert by contacting any one of the three credit bureaus; each bureau will notify the other two bureaus of any fraud alerts placed.
    • Initial alert: An initial alert stays active on your credit report for 90 days This type of alert is most effective when you suspect that you have been or are about to become a victim of identity theft.
    • Extended alert: An extended alert stays active on your credit report for 7 years.
  • Place a credit freeze on your credit report – A credit freeze is also referred to as a ‘security’ freeze. Its purpose is to prevent anyone from accessing your credit report without your consent, thereby preventing any fraudulent credit lines from being opened in your name. The catch is that this freeze will also prevent you from opening credit lines in your name until you lift the freeze.
    • Credit freeze procedures and laws vary state by state, so be sure to double-check how to properly place a credit freeze in your state.
    • Unlike a fraud alert, you will need to contact each individual credit bureau in order to place a credit freeze.
    • Unlike a fraud alert, a credit freeze comes with a fee, typically $5-$20. This fee is incurred when placing, temporarily lifting, or permanently removing a credit freeze.
      • Fees incurred will vary by state and by credit bureau. Information on credit freezes and their fees can be found using the “Security Freeze” links below.
  • Consider purchasing identity protection services from an independent company
    • For a monthly fee, identity protection services will typically:
      • Monitor credit reports from the 3 credit bureaus, credit cards, Social Security numbers, public records, bank accounts, change of addresses, and the like
      • Offer identity theft insurance, typically at least $1,000,000
      • Deliver credit reports on a predetermined, recurring basis
    • For those who'd like to purchase identity protection services, the following is a link to a list of identity protection service companies that you can use to compare companies in order to find the right fit for your needs

Credit Bureau Contact Info

EQUIFAX
Address P.O. Box 740241
Atlanta, GA 30374
Phone number 1-800-685-1111
Website www.equifax.com
Fraud Alert https://www.alerts.equifax.com/AutoFraud_Online/jsp/fraudAlert.jsp
Security Freeze https://www.freeze.equifax.com/Freeze/jsp/SFF_PersonalIDInfo.jsp

EXPERIAN
Address P.O. Box 2104
Allex, TX 75013
Phone number 1-888-397-3742
Website www.experian.com
Fraud Alert https://www.experian.com/fraud/center.html
Security Freeze http://www.experian.com/consumer/security_freeze.html

TRANSUNION
Address P.O. Box 2000
Chester, PA 19022
Phone number 1-800-888-4213
Website www.transunion.com
Fraud Alert https://www.transunion.com/fraud-victim-resource/place-fraud-alert
Security Freeze http://www.transunion.com/personal-credit/credit-disputes/credit-freezes.page

If you suspect your identity has already been stolen and that your information is being used fraudulently, please contact your local law enforcement officials, the Federal Trade Commission, and your state attorney general. To learn more about identity theft and what to do if your identity has been stolen, please do one of the following:
• Call 877-438-4338
• Visit www.consumer.gov/idtheft
• Write to:
Federal Trade Commission Consumer Response Center
600 Pennsylvania Avenue, NW
Washington, DC 20508

Topics: identity theft, fraud, hack, data breach

Discussions