Dealing with the Capital One breach

In the aftermath of Capital One’s announcement on Monday that roughly 100 million credit card applications had been compromised in a data breach, exposing an estimated 77,000 bank account numbers and 140,000 Social Security numbers, many consumers likely have questions and concerns for their own wallets. Identity theft occurs when someone gains unauthorized access to your personally identifying information – such as your name, Social Security Number (SSN), or bank account information – and uses it to commit fraud or other crimes. The crimes that an identity thief is able to commit with your personal information range from applying for a credit card under your name before subsequently racking up prodigious charges to poaching your tax refund. In some cases, identity thieves are even able to assume an unsuspecting person’s identity entirely, obtaining identification bearing their name and often committing crimes “as that person.” With that in mind, the free-credit-score website WalletHub has some tips for how potential victims can keep their financial info safe.

1. Sign up for 24/7 credit monitoring. This way, you’ll find out immediately if someone tries to open an account in your name.

2. Enable two-factor authentication. Capital One was hacked, but your cell phone wasn’t. So use it as another layer of protection when logging into your email account and financial websites.

3. A freeze is better than an alert. It probably isn’t necessary in this case, but if you really want to protect yourself from fraudulent borrowing, freeze your three major credit reports — Equifax, Experian and TransUnion. This will prevent anyone but you from accessing them, thus making it impossible to take out a loan or line of credit. A fraud alert, in contrast, doesn’t actually do much.

4. Suppress fraudulent info. While you can dispute run-of-the-mill credit report inaccuracies, it’s best to use a process called “suppression” or “blocking” to get rid of negative info resulting from identity theft. In short, this makes it so the records in question can’t make reappearance after they’re initially removed.

5. Never respond to unsolicited requests for information. Don’t be surprised if you see an uptick in unsolicited calls and emails requesting personal information. Just remember: Never answer if you didn’t ask to be contacted.

For more advice, check out WalletHub’s identity theft guide, at wallethub.com/edu/ identity-theft/17120.