AAFCPAs Guidance in Response to Equifax Data Breach

Posted on September 8, 2017December 12, 2019

As you may be aware, Equifax, one of the United States’ three major consumer credit reporting agencies has been breached, and personal information of approximately 143 million Americans has been compromised.
Information, including: names, social security numbers, birth dates, addresses and driver’s licenses, stored in Equifax’s databases have been stolen. Additionally, credit card numbers for about 209,000 people were exposed, as was “personal identifying information” on roughly 182,000 customers involved in credit report disputes.
How do I know if I am impacted?
You may visit Equifax’s website (https://www.equifaxsecurity2017.com) and click the “Potential Impact” tab to check to see if your personal information is potentially impacted. In addition, Equifax has reported they will be mailing notices to people whose credit cards or dispute documents were affected.
What does AAFCPAs advise?

Visit the Equifax website to see if your personal information has been exposed. Equifax will require you to input your last name and last 6 digits of your social security number (Please be advised, Equifax is offering free identity theft protection and credit file monitoring services; however, CNNMoney is reporting concerns regarding enrolling in Equifax’s credit monitoring service.)
Monitor your credit card statements for charges you do not recognize.
Request a copy of your credit report. If you reside in Massachusetts, you are entitled to an annual, free credit report from each of the large credit bureaus. AAFCPAs encourages clients to monitor data in your credit reports annually to make sure there are no errors.
Subscribe to credit monitoring through a source that uses the big three credit bureaus. It is important that the service provides alerts related to name and address changes, as well as credit related events, such as inquiries and new credit instruments. Please be advised, kids are targets too, and some credit monitoring services allow for free monitoring of your kids’ social security numbers.
Request an initial 90 day fraud alert with the 3 credit bureaus. This will require creditors to ask for additional information before granting credit. As a precaution, AAFCPAs recommends that consumers renew after the 90 day period.
Consider a 5 year credit freeze if there is evidence of fraud.

AAFCPAs would like to raise readers’ awareness about the likelihood of phishing emails. Those affected by the breach are at an increased risk of receiving more sophisticated phishing emails that use information obtained to appear more personal and accurate. As a best practice, consumers are advised to make transactions directly with the institutions. Call the published number rather than one provided in an email, and visit the public website versus clicking on a link in an email.
Visit Identitytheft.gov/databreach to learn more about protecting yourself after a data breach.
For more information about cyber security and IT risk assessment, please contact your AAF Partner, or James Jumes, leader of AAFCPAs’ integrated business & IT advisory practice at: 774.512.4062 or jjumes@nullaafcpa.com.

About the Author

James Jumes, MBA, M.Ed.

James joined AAFCPAs in 2013 to lead the firm’s Business Process & IT Consulting practice. He leads a team of senior technologist in the delivery of solutions related to business intelligence & productivity, information risk management and cybersecurity, and special IT attestations, compliance, and certifications. His goal is to strengthen the links between people, process, and technology, which increases productivity and drives business growth. James has more than 30 years of experience working with information technology …

Related Insights

Safeguarding Against Holiday Season Phishing and Cyber Threats

AAFCPAs would like to remind clients that the period between Thanksgiving and New Year’s is a prime time for phishing and other malicious cyberattacks. Cybercriminals take advantage of increased internet shopping, debit/credit card use, and the influx of holiday offers to deceive individuals into disclosing sensitive information. Now more than ever, vigilance is required in […]

Shift in EEC Funding Model Requires Business Process Assessment

Effective October 1, 2024, the Massachusetts Department of Early Education and Care (EEC) shifted its contract reimbursement from a primarily unit-rate model to a mix of unit-rate and cost-reimbursable contracts. Under the new contracts, childcare seats will be reimbursed on a unit-rate basis while administrative and supportive services will be funded through cost reimbursement contracts. […]

Cost Center Coding Strategies for Effective Grant Reporting

For complex human and social services providers, managing grants and ensuring compliance can often feel like navigating a labyrinth. One effective strategy to simplify this process is through cost center coding. AAFCPAs provides the following detailed guidance on how to leverage cost center coding to streamline grant reporting and maintain compliance. Design Your Cost Centers […]