Last updated on November 27th, 2020
Capital One’s slogan of “What’s in your wallet?” may need an upgrade thanks to the data breach that was reported this week. Who’s in your wallet?
If you’ve seen the news lately, you may have heard about what’s considered to be one of the biggest data breaches in US history to date: a hacker gained access to the personal information of over 106 million individuals who applied for credit through Capital One. Personal data including self-reported income and birth dates were compromised, and approximately 140,000 Social Security numbers, and 80,000 bank account numbers were also stolen. The Virginia-based lender stated that they saw the vulnerability in its system on July 19th, and immediately contacted the FBI and law enforcement; the perpetrator has reportedly been arrested in Seattle. It’s estimated that the hack took place between March 12 and July 17 of 2019; Capital One has stated that it is unlikely that the information that was swiped has been used for fraud, but investigations are still ongoing. Capital One has also said that it appears that the data stolen dates back to 2005, so this breach may affect customers who have not applied for a Capital One card recently. This isn’t the first major data breach to affect credit card users in the United States; in 2017, Equifax saw hackers breach their system and steal the personal information (including Social Security numbers and home addresses) of almost 148 million Americans between May and July of that year. The Capital One breach coincides with an FTC (Federal Trade Commission) and Consumer Financial Protection Bureau settlement with Equifax, who will be required to pay at least $575 million as recompense for what was widely considered a preventable breach. Capital One may soon find itself in the same boat once the dust settles, but in the meantime, what can we do to protect ourselves when we learn that a credit issuer, bank, or bureau that we use has had a data leak?
How To Beef Up Personal Data Security
Our experts recommend five immediate steps to take in order to protect yourself when you’ve experienced credit card fraud. These steps are also important to consider when you’re the victim of a hack like the one Capital One is currently dealing with, but there’s more you can do to protect yourself. Contact Capital One immediately if you bank with them to see if you’re affected by this. If you think your data may have been exposed thanks to this data breach and you’re unsure of what to do next, BestCards.com is here to help! We break it down for you:
1) Freeze Your Credit
Security experts agree that a credit freeze is the best recourse to take as a first step in the event that your personal information may have been stolen thanks to a data breach like the one Capital One has experienced. Often, you’ll read that the first step should be a fraud alert, but a credit freeze is actually much more effective.
What’s a credit freeze? A credit freeze prevents loans and other services from being opened in your name without your consent. Freezing your credit does not affect your credit score, and it’s now a free service provided by each of the three credit-reporting bureaus that can be accessed either online or over the phone. In order to freeze your credit, the FTC says you’ll need to gather your name and address, date of birth, Social Security number, and other personal information. Once you’ve contacted each credit bureau, you’ll receive a unique PIN which can be used to reverse your credit freeze the next time you need to apply for credit.
After a data breach of this sort, this option is more effective than a fraud alert, since a fraud alert is simply a red flag that alerts the company you’re banking with that you may have been the victim of fraud, while a credit freeze actually prevents anyone from using your data to apply for credit in the first place. It’s best to both freeze your credit and alert the issuer about possible fraud
2) Change Your Passwords
Perhaps the easiest step to take to protect yourself is to change the passwords for the accounts you think may have been compromised. Not only can you make it that much more difficult for someone to access your account, but you can also create a stronger password while you’re at it. Many people opt for passwords that are easy to remember, and use them across different platforms so they don’t have to remember individual logins – but this also means that many of our passwords are also easy to guess. Update your password and consider using a password aggregator that features a random generator such as LastPass, Keeper, Dashlane, or KeePass. These services will help you to generate unique, complex passwords that will be difficult to guess and keep thieves away from your personal data.
3) Be Wary of Scams
In the wake of a hack of this magnitude, crooks and cons will often try to capitalize on the confusion that inevitably follows a data breach. This means that there may be an uptick in the number of Phishing attacks, as ne’er-do-wells may pose as legitimate, trusted companies in an attempt to collect additional information to be used for fraud. Ignore unsolicited requests for information – personal or otherwise – and be wary of clicking links that are sent to your email by accounts that may present themselves as genuine. If the card issuer or bank doesn’t request to contact you directly, don’t respond to the email. Capital One has asked that any consumers who believe they receive a fraudulent email that is phishing for data to forward the email to: email@example.com. Remember, it pays to be vigilant, so if you receive an email (or a phone call) and you’re not sure if it’s a legitimate request or if you’re suspicious, contact your bank or the company that is claiming to contact you so that you can ensure you’re not accidentally giving away personal information. Another easy way to monitor your accounts is to sign up for credit monitoring. Credit monitoring services can help you keep an eye on your accounts by sending you alerts when any account is opened in your name, or even in the name of a family member. There are free sites, like Credit Karma, that offer complimentary credit monitoring, but for services that are more thorough, you’ll end up paying anywhere from $10 to $30 each month. When you consider the alternative, this may be worth it. Only time will tell just how much data was compromised in the Capital One breach. If you recently applied for a Capital One card, or you have an account with Capital One, you may be anxious to find out more. Follow the above steps to ease your mind, and make sure you contact a representative at Capital One to find out what they can do to help with this process.