The fact is, most of us had our Social Security numbers stolen three years ago, in the Equifax credit history breach of March 2017. But there are many other breaches where SSNs were taken along with other personally identifying information (PII). Your Social Security information can also be stolen from your mailbox, which is a crime, and even your trash can, which is NOT a crime. If your Social Security number has been used fraudulently, or you are a victim of identity theft, here are some important actions you can take to resolve the problem.
- Report the theft. The theft of your SSN should be reported to the FTC site IdentityTheft.gov. You may need a police report for insurance and other legal purposes. If so file a report with your local police department. You should let them responding officer know you need a police report from them, keep the officer or detective’s name, and follow up if necessary. This is not going to be the crime of the century for them, so this may take time. You can always escalate your request to the police chief. If you suffered a financial loss, you also should file a report with the FBI site at IC3.gov.
- Check to see if your SSN is for sale. SSNs and other PII are for sale on the Dark Web. Many credit card companies, and the three credit bureaus all have tools to help you scan the Dark Web for your Social Security number. This is one way to confirm if your information is “in the wild.”
- Review your credit report. You can order a copy of your credit reports from the three major consumer credit bureaus for free every 12 months using AnnualCreditReport.com. Look for recent activity, or lines of credit with companies you don’t recognize.
- Freeze your credit. You can request a credit freeze from the three credit bureaus (TransUnion, Experian, and Equifax). This blocks the use of your credit information in new applications for credit cards or loans. I did this for my own credit history. But if you are applying for something like a new car loan, be prepared to lift the credit freeze temporarily for your own new loan.
- Set up a fraud alert. As an alternative, you can request an extended fraud alert from the credit bureaus that lasts for seven years. You will be alerted by email or text message any time someone tries to access your credit history or applies for a new line of credit.
- Close fraudulent accounts. If your SSN or other identity information was used to open a credit account, you should contact the fraud department of the company that used that information and report the identity theft. This is a situation that may require that police report we wrote about earlier.
- Check your employment history. To see if your Social Security number has been used fraudulently by someone else to get a job, review your Social Security Statement at www.socialsecurity.gov/myaccount to look for employers that you never worked for..
- Get a new Social Security number? While this is a possible option, the SSA makes the process daunting. You need to demonstrate serious and ongoing financial losses, and have reported the crime to the police, and made a good faith effort to identity the thief. Even if you are given a new number, the old number will still be active
If your Social Security number, or other PII has been stolen, it is up to you to take action to ward off serious financial repercussions. There have been cases where a stolen identity was linked to the commission of a crime, and innocent people were arrested for crimes committed by the identity thief. Take these steps now if you think you may be a victim of identity theft.Share
About the Author:I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com