In a world gone totally crazy, your private information given to companies no longer seems safe. Security breaches where a bad guy somehow is able to steal databases worth of customer information is becoming a normal type of event. I had just this year received in the mail a couple of letters warning that some of my information was stolen during a security incident and what I can do about it. Thinking that it was somehow a hoax, I had to verify online whether the incident was true or not. Sure enough, it was. I’m referring to the Ticketmaster security incident. The scarier incident involved the breach of the National Public Data in which millions of social security numbers, email and mailing addresses were dumped.

Enough is enough. While there’s literally nothing an average person can do to prevent these types of security incidents from happening in the first place other than maybe calling and emailing government officials to enforce laws that heavily punish and fine companies that were found to be at fault of weak security practices, we can nonetheless make it more difficult for the bad guys to actually do something useful with that stolen information. I can only assume that this problem is only going to get worse, not better. Having worked in the information technology sector, I can tell firsthand that many companies either do not pay enough attention to the security of their data nor allocating a portion of their budget to hire a security company to perform professional penetration test of their systems periodically.

So what does all this mean? Personally, it’s becoming quite common now for users to just live with the assumption that our data is all public and out in the open. When I was young and still naive, I used to think that my social security number was something I had to protect at all cost. If it fell into the wrong hands, my identity will be stolen. Someone out there would be able to impersonate me and enroll in credits cards all in my name. If they got my social security number, I can be damn sure they likely also have my name, email, address, date of birth and anything else that can identify me. Now, I just live with the assumption that all of it is out there. My job is no longer to worry about it getting out there but making life more difficult for the bad guys. The idea has always been that if you do this well enough, they’ll just move on to a easier target or victim. One of the best things you can do at the moment is to simply put a freeze or lock on your credit.

By freezing your credit, it makes it a lot harder, if not impossible, for someone, including even yourself, from performing a credit check in your name. A credit check is simply required any time you want to apply for a new credit card or when you need a loan from the bank, either for your mortgage or new car purchase. Since performing a credit check is rarely something you’d need to perform on a weekly, monthly or even yearly basis, it can be advantageous to simply put a freeze on it so that this can stop bad actors right in their tracks. While I obviously can’t be sure if there is a workaround for this, always remember that your job is to always make it as hard as possible for the bad guys. There are only three major credit reporting agencies in the United States: Experian, Trans Union and Equifax. To issue a credit freeze in our name, we need to enable the freeze by creating an account in each of the three agencies. You MUST do this for all three agencies individually. Fortunately, doing so is extremely easy and free of charge.

Experian – Freeze or Unfreeze Your Credit File for Free – Experian

Trans Union – Credit Freeze | Freeze My Credit | TransUnion

Equifax – Security Freeze | Freeze or Unfreeze Your Credit | Equifax®

Creating an account is no different from creating a user account for any other online services you’ve used. The major difference is that you’ll need to provide your social security number and provide your real address of residency. Do not provide bogus information. Once your account is created, freezing your credit simply involves a button click or two and that’s it. You have then officially frozen your credit for both the bad actors, good actors and to yourself as well. Anytime you need to apply for a loan or open a new credit card, you must remember to unfreeze your credit, otherwise the bank or your car dealership won’t be able to check your credit to get you that loan.

Once your credit is frozen, the next best thing you can do is to simply enable multifactor authentication on any and every financial service you use that contains sensitive data so that even if your password got compromised via a security incident, the bad actors will now also need your phone as well to login. It’s also a good idea to use strong random passwords for each service and to rotate them regularly. Never reuse the same passwords. By doing just these couple of things, you’re a lot better off than most other users and the whole point, once again to remind you, is not to worry about whether your information will be one day leaked or stolen as you have zero control over that but rather to make it difficult for the bad guys to do anything useful with it once it is in their hands. That is something you do have some control over.