What to do when your ID has been stolen
Except for Ed Haag, the names that follow aren't real, but the people and their stories about identity theft are. The experiences are important because ID theft can happen to any of us.
The three people profiled here are part of the Chicago-area small business community.
Although each incident involves a bank, the banks aren't named. For the most part, banks whose customer accounts are hacked generally are no more guilty than the customers whose data are at risk -- even though a review might suggest a training shortfall.
Ed Haag is president of Schaumburg-based Undo Identity Theft Inc., a guy who can suggest to those whose data may be at risk what to do.
Two of our interviews were with business owners who received letters thanking them for opening a new online account at what we'll call Bank X. Neither had an account at the bank; one of the two, Charles Evans (a name I often use when it is important to protect an owner's identity) didn't even know where the bank's nearest office was. The other, Charlene Johnson (same reason) raised an interesting issue: "How can you open an account without making a deposit? And how can you make the deposit without giving the banker money?"
The primary concern, Haag and others say, is your Social Security number. Once a cyber criminal has that information, all sorts of personal data become available.
The third individual, Beau Adams, received a form letter from his bank notifying him that, a month earlier, a bank employee had inadvertently revealed his name and bank account number (but not Social Security or other personal information). The institution, Bank B for our purposes, assured Adams that his funds were safe -- and, with a month already gone by between the incident and the notification and no inappropriate account activity, Bank B may have been right.
The problem for our three business owners comes to this: In one way or another, their accounts have been compromised. The issue now is how to repair the damage.
• Close all accounts you currently have open at the bank involved, then reopen the accounts with new numbers -- or switch banks.
• Set up alerts on all financial accounts. (Johnson already has done this, demanding a private security word that a banker must verify before discussing financial information with her.)
• Place a credit freeze at each of the three credit bureaus: TransUnion, Equifax and Experian. Fraud alerts are an option, but a credit freeze is stronger. "A freeze will complicate your life, but it's more effective than a credit fraud alert," Haag says.
• Change passwords on all of your financial accounts, including retirement accounts that may be outside the bank.
• File a police report. Police departments will not do much other than open the report, but, Haag says, credit bureaus will want the report for verification.
• Contact the FTC and file an identity theft affidavit. Identitytheft.gov is a useful resource.
• Change the security code on all of your electronic devices -- your phone, laptop and the like.
• Change the password on all of your social media accounts and restrict automatic logins.
• Run a security scan on all of your personal devices. You'll be looking for keystroke malware that allows a cyber criminal to watch as you type in new security information.
• Enroll in an identity theft protection service. Professionals there will help repair problems and watch for future issues. Good resources, Haag says, are the Identity Theft Resources Center, FTC and his own company, Undo Identity Theft Inc.
• © 2018 Kendall Communications Inc. Follow Jim Kendall on LinkedIn and Twitter. Write him at Jim@kendallcom.com. Read Jim's Business Owners' Blog at www.kendallcom.com.