Karyn Sullivan was hit by the Archdiocese of Seattle data breach. The church did not offer free credit monitoring to those who had their information stolen. Soon after, someone filed a fraudulent tax return with Sullivan’s social security number.
“I think they need to offer the victims more in the way of protection and help,” said Sullivan.
Target offered credit monitoring to more than 100 million customers following its breach. The question being asked by security experts like Trend Micro's Christopher Budd: Does credit protection really protect anything?
“An important thing to understand is, these things don't prevent necessarily bad things from happening. They notify you promptly when bad things happen,” explained Budd.
Once on the black market, identities are sold quickly, sometimes before a company makes the breach known to the public.
“It's definitely a case that, that these things happen, they're offered after the thing has happened,” said Budd.
Some credit monitoring services only cover one of the credit agencies, so it’s up to you to further protect yourself. File a free fraud alert on your credit file. You’ll have to renew it every 90 days because it will expire. And know the four credit agencies to watch: Equifax, TransUnion, Experian and Innovis.
It’s also important to know what credit monitoring won’t cover. According to the blog Krebs on Security, the site that announced the Target breach, credit monitoring won't protect bank account transactions or fraudulent credit card charges. It won't stop someone from getting a driver's license in your name or protect your 401K.
Check with the institution handling your retirement account to see if it has a reimbursement policy on unauthorized activity. Also get an annual credit report and, if necessary, freeze your file so no one can setup an account without permission.
Information from the IRS on identity theft
Information from Social Security on identity theft