Site icon Yes, I Am Cheap

I’ve Been Hacked and My Identity Stolen. Now What?

Protect my ID

Somewhere in the world, some hacker – who I hope is living a lonely existence – is pretty proud of himself.  Not to be sexist here because girls can code too, but I envision a twenty-something basement dweller with little to no social life except the persona he has created online and the constant reminders from his mom to take out the garbage.  Some moron, maybe government sponsored, with no conscience and what I hope is a face full of pimples sits in his mom’s basement and bangs out code designed to steal people’s identity and peace of mind.

Earlier this month, Anthem Blue Cross, one of the largest providers of health insurance on the East Coast, confirmed that hackers had gained access to sensitive data belonging to up to 80 million people in what has been called “a sophisticated intrusion”.  I call bullshit.  Rather, some security administrator somewhere clicked on a link that they were not supposed to click on and gave hackers back door access to the encrypted information of millions of people.

Included in the data accessed were names, Social Security numbers, addresses, salary data, date of birth, marital status and just about everything that an identity thief needs to pretend to be you, your spouse or your kids for years to come.  Anyone who had Blue Cross through a number of Anthem’s subsidiary companies dating all the way back to 2004 has been compromised…including me.

Not to worry though, they didn’t access sensitive medical information as far as Anthem can tell. Because, you know, all of the other information they accessed wasn’t sensitive or anything.  I’m sure that by now packets of high value information are floating around the dark web for sale to the highest bidder.  Fun times.

This isn’t new.  Just about every single week you hear stories of large scale hacks or information intrusions with millions of Americans as victims.  At this point, no matter how well you safeguard your own information, it is possible that a large company that somehow doesn’t think that it needs to encrypt sensitive data can leave a trap door open to your information, and there goes your identity.

I was the victim of identity theft some 15 years ago while I was a college student.  Someone somehow gained access to my information (I suspect it was a neighbor) and proceeded to run up a huge credit card bill in my name.  Since my mailman at the time was notorious for dropping my mail off at other people’s homes (I’m thinking he had a problem, you know, reading) I knew that all I could do was close the account, alert the authorities and then put a fraud alert on my credit profile.  Since then I have been very diligent about opting out of credit card offers, having my bank and credit statements delivered electronically, shredding any personally identifying information with a cross cut shredder, actively checking my credit profile, and basically doing everything I could to ensure that no one was able to pretend to be me in order to score a large flat screen television.

But it doesn’t matter what I have done or what you have done to protect your identity.  The fact still remains that large retailers such as Target and Home Depot and banks such as Chase and Wells Fargo have all been hacked in recent months.  While your credit card information can be valuable, the real Holy Grail is everything that Anthem has handed hackers on a silver platter – the information that comprises your entire identity.

Forget about opening credit cards in someone’s name.  What if you can take out a mortgage in their name? My aunt has had this happen.  What about collecting someone else’s Social Security checks for years?  Had this happen to an uncle.  He’s still trying to fix that mess.  What about filing taxes and collecting refunds before the individual has had a chance to do so themselves.  It happens all the time and is more common than you think.  What about someone else pretending to be you for years and years to come? They’re able to commit crimes in your name.  Or go to the doctor and rack up huge bills without paying.  This happened to someone I know and they were only able to prove that this person was not them because my friend had had his appendix removed and this person had all of their organs.  Someone can simply assume your identity and do whatever they want.  That, my friends, is the prospect that millions of us now face.

Not to worry though, because Anthem is offering lots of services to help if you have been a victim of their particular hack.  I’m not buying all that they’re selling because your identity is more than just your credit profile.  And what if you have been a victim of another hack but aren’t a customer of Anthem?  You have options for protecting your identity.

The Federal Trade Commission (“FTC”) is the federal agency in charge of helping the general public with identity theft.  They have a host of resources available to anyone who may have been a victim of my hacker friend.  Check out their video below.



So, if you may have been the victim of a hacker, here are your next steps:
  1. Immediately place a fraud alert with the three credit reporting agencies.  The best part about this is that you generally need to only call one agency and they will alert the other two agencies.  Just in case they do not, the information for all three credit reporting agencies is below.  Be sure to ask that they show only the last 4 digits of your Social Security number on your report. Equifax 1‑800‑525‑6285; Experian 1‑888‑397‑3742; TransUnion 1‑800‑680‑7289.Fraud alters are generally in place for 90 days, however, you can extend the alert after the initial 90 days.
  2. Obtain copies of your credit report.  Not only are you entitled to a free copy of your report every year from annualcreditreport.com, you are able to obtain a copy of your credit report for free as well if you may have been a victim of identity theft.   This will allow you to see if our fraudster friends have opened new accounts or attempted to establish credit in your name.
  3. If specific accounts have been compromised, be sure to contact those companies and ask to speak to their fraud department.  If you communicate with these companies, be sure to get everything in writing to protect your rights.  If you must mail anything to these companies, keep copies and send everything via certified mail with return receipt to prove that you have mailed documentation on time.
  4. Create an Identity Theft Report. This is a little harder than it sounds, but absolutely worth the process.  You will need to submit a complaint to the FTC which creates an Identity Theft Affidavit.  You will then need to file a police report about the identity theft and get a copy of that report.  You’ll want to have your Identity Theft Affidavit with you when you file the police report.  Attach your FTC Identity Theft Affidavit to your police report to create an Identity Theft Report.  It’s like a Transformer.  The documents have magically transformed. What the Identity Theft Report allows you to do is place an extended fraud alert on your credit file that stays in effect for 7 years.  This is what I did back in the Ice Age in my 20’s.  It also allows you to get two free credit reports from all three credit reporting agencies within one year from the date that your extended alert is placed.  The Identity Theft Affidavit also makes it easier to block identity theft related items from appearing on your credit report.  Speaking of that, on to the next step.
  5. Monitor your credit report and dispute any identity theft related items.  You even have the right to see the documents that the identity thief used to open the accounts.  Sometimes the fraudster is someone that you know, and this can help to identify the thief.I’ve been talking a lot here about identity theft related specifically to your credit, because it’s the most lucrative.  Don’t think that I’ve forgotten about medical, criminal, mortgage or tax theft.  The good folks at the FTC knows that this happens.  There is a wonderful document, What to do if Your Identity Is Stolen (PDF) that you can follow that has a great check list and sample dispute documents that are useful in these situations as well.
  6. Finally, if you’re totally freaked out you can place a freeze on your credit profile.  When a freeze is in place potential creditors will not be able to get a credit report at all.  Depending on what state you’re in, you may be charged a fee to place the credit freeze on your profile.  The only thing to keep in mind is that if you want an external party to view your credit report, you will need to lift the freeze temporarily.  You might be charged a fee for that as well.

There are also paid services out there that can help with identity theft protection.  ProtectMyID comes with a $1 million identity theft insurance policy, will alert you if there are changes to your credit report, monitor the dark web for your information and preform a host of other services.  The good folks at Experian have been kind enough to offer free access to their ProtectMyID solution to a number of my readers!  I’ll give 5 lucky readers a code valid for one year of service.  All you have to do is answer one question.

So, tell me, what do you do to protect your identification?  When leaving a comment be sure to fill out the e-mail line so that I can e-mail your code to you. Good luck!

P.S.  Equifax is offering these one year passes for free.  I haven’t been paid to write about their product or service in any way.  I just thought that you’d appreciate a freebie.

Image found at ProtectMyID.com