5 Key Steps to Keep Your Personal Data Safe, That I Learned Reporting on the Equifax Breach Affecting 150 Million People

Bob Sullivan

I spent six months working with a team of producers at Spoke Media investigating the Equifax hack for our “Breach” podcast, and I learned a lot about the cascade of errors that led to what many call the most important hack in history.

Now I’m sharing my tips so you can survive it―and prepare for the next one.

When Equifax was hacked in 2017, a lot of people called it the Big One. It affected nearly 150 million people—that’s more than half the U.S. adult population. And criminals got the goods: Social Security numbers, driver's license numbers, addresses.

It's not an overstatement to say that the Equifax hack really has changed the public conversation around privacy and technology, but I think something even deeper has occurred. We’ve awoken to a scary new reality of how money is made in our time.

The popular saying holds true: "If you aren't paying for the product, you are the product." That lets you know why you should be wary of cute "free" flashlight apps for your phone or games your kids use. And understanding that your data is raw material for profits takes this notion one step further. Your data is a (nearly) free resource, ripe for abuse.

Plenty of conversation is afoot to change that. There's talk of a U.S. version of Europe's privacy law, GDPR, which would put firms that misuse information at risk of steep fines. Such rules will likely be slow in developing, however.

In the meantime, you can heed lessons from the Equifax story and take some steps to protect yourself now.

1. Freeze Your Credit Report

A credit freeze locks down your file, making it tougher for anyone—including you—to open new lines of credit in your name. (You can temporarily unlock your file when you do need to obtain new credit.)

Mandating that credit reporting companies implement such freezes for free is the one concrete step Congress has taken since the Equifax hack to empower consumers. Take advantage, and freeze your report at all three nationwide credit bureaus—those are Equifax, Experian, and TransUnion. Instructions can be found at the Federal Trade Commission’s website.

2. Know What They Know

Obtain free copies of your credit reports each year at—you’re entitled to one from each of the three major credit reporting companies. But that’s not the whole picture. You also have dozens, maybe even hundreds, of specialty credit reports. They track your insurance claims, or your check-writing habits, or even your criminal record.

Bob Sullivan with cohost Alia Tavakolian of Spoke Media, recording “Breach.” (Photo provided by Bob Sullivan.)

We chased after dozens of these for a willing podcast volunteer, and one such report indicated (incorrectly) a felony conviction for drug dealing. Here's a list of specialty reports from the Consumer Financial Protection Bureau.

3. Limit Who Has Your Data

The fact is, everybody says they use state-of-the-art security—and breaches still happen. So, operate under the assumption that your data might get hacked. Make a fuss when asked for your data (especially sensitive details like your Social Security number), and say “no” any time you can.

In hacker lingo, you want to limit your attack footprint as much as possible. The fewer companies that have your data, the lower your odds that you’ll be hacked.

More from Grow:

  • Keeping Thieves From Ruining Your Credit Just Got a Little Easier

  • 5 Money Moves to Make Before You Leave a Job
  • Here Are the Credit Bureaus You Need to Contact About Fraud

  • 4. Monitor Breaches as They Unfold

    When a company announces a breach, look beyond the first headlines. Details of the hack often worsen as the investigation progresses. You might initially think you’re in the clear, only to find out later that you’re affected—or discover that more of your personal information was compromised.

    5. Stay Vigilant

    One of the unnerving things about breaches is that victims don’t always feel the impact immediately. As CNBC recently reported, there is no evidence a flurry of ID theft occurred in the wake of the Equifax hack. That’s not good news.

    Whoever stole the data is sitting on it for some larger purpose. Cybersecurity experts say a nation-state or large organization is likely hoarding it with plans to use it for intelligence purposes. Gartner analyst Avivah Litan says she believes the Equifax data is being matched with other large stolen data sets to create digital dossiers on American citizens to be used by our enemies.

    It’s unlikely we’ve heard the last of the Equifax hack.

acorns+cnbcacorns cnbc

Join Acorns


About Us

Learn More

Follow Us

All investments involve risk, including loss of principal. The contents presented herein are provided for general investment education and informational purposes only and do not constitute an offer to sell or a solicitation to buy any specific securities or engage in any particular investment strategy. Acorns is not engaged in rendering any tax, legal, or accounting advice. Please consult with a qualified professional for this type of advice.

Any references to past performance, regarding financial markets or otherwise, do not indicate or guarantee future results. Forward-looking statements, including without limitations investment outcomes and projections, are hypothetical and educational in nature. The results of any hypothetical projections can and may differ from actual investment results had the strategies been deployed in actual securities accounts. It is not possible to invest directly in an index.

Advisory services offered by Acorns Advisers, LLC (“Acorns Advisers”), an investment adviser registered with the U.S. Securities and Exchange Commission (“SEC”). Brokerage and custody services are provided to clients of Acorns Advisers by Acorns Securities, LLC (“Acorns Securities”), a broker-dealer registered with the SEC and a member of the Financial Industry Regulatory Authority, Inc. (“FINRA”) and the Securities Investor Protection Corporation (“SIPC”). Acorns Pay, LLC (“Acorns Pay”) manages Acorns’s demand deposit and other banking products in partnership with Lincoln Savings Bank, a bank chartered under the laws of Iowa and member FDIC. Acorns Advisers, Acorns Securities, and Acorns Pay are subsidiaries of Acorns Grow Incorporated (collectively “Acorns”). “Acorns,” the Acorns logo and “Invest the Change” are registered trademarks of Acorns Grow Incorporated. Copyright © 2019 Acorns and/or its affiliates.

NBC Universal and Comcast Ventures are investors in Acorns Grow Incorporated.