It seems hardly a week goes by before the morning news brings the announcement that another major company has suffered a data breach. This week it is the health care company Anthem that has been breached. In this instance some 80 million customer records may have been compromised. The information in the database included names, social security numbers, birth dates, and addresses. This is the identity information needed to access someone’s financial records or make false tax claims.
This raises the question of what an individual should do in the event a company that holds their personal information is compromised. The U.S. Federal Trade Commission (FTC) provides some helpful information. Key steps involve monitoring credit card and bank accounts for indications of unauthorized activity, requesting the free credit reports under the Fair Credit Reporting Act and placing fraud alerts with the credit reporting companies, and following up with the company or organization that compromised your information. The company’s responsibilities will vary depending on the state where they do business and the state where you live. As I mentioned in an earlier blog, the U.S. does not have a federal breach notification law and individual states have tried to fill the gaps with a variety of other measures.
If you believe you are the victim of identity theft it is important to notify the credit reporting agencies, the credit card companies that you do business with currently, and law enforcement agencies. The IRS, FTC, and other agencies provide information on what to do if a breach occurs. Also check with your insurance company. Many homeowner owner and renters policies offer coverage for identity theft losses. There are also supplemental identity theft insurance products available for purchase. Many times the companies that are breached will provide this coverage for a period of time for customers affected by a breach.
Ultimately the burden of due diligence in protecting personal data falls upon the consumer. Your credit and financial reputation is continually at risk so you need to be careful with whom you share your information.