Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

FTC – OPM data breach – what should you do?

Lisa Weintraub Schifferle – Attorney, FTC Division of Consumer and Business Education – “A data breach at the Office of Personnel Management (OPM) – and you’re a current or former federal employee whose personal information may have been exposed. What should you do? Take a deep breath. Here are the steps to take.

First Step – Check your credit report at annualcreditreport.com. Look for accounts or charges you don’t recognize. Even if the breach didn’t involve credit card information, thieves may use your Social Security number, address and date of birth to open accounts in your name; OPM announced that it plans to offer credit report access, credit monitoring, and identity theft insurance and recovery services to potentially affected individuals. Take advantage of this offer; Place a fraud alert on your credit reports. With a fraud alert, businesses must verify your identity before providing new credit. An initial fraud alert lasts 90 days but you can renew it.

Next Steps – If your information was exposed, then OPM will send you a letter explaining what information was involved. Your next steps depend on the type of information exposed:

Social Security number

  • Consider placing a credit freeze. Why? Thieves can use your Social Security number to open new accounts. With a credit freeze, no one can open a new account in your name (until you lift the freeze).
  • Next year, try to file your taxes early – before a scammer can. Once your Social Security number is exposed, a thief can use it to get your tax refund.

Bank account, credit card, or debit card information

  • Contact your bank or credit card company to cancel your card or close your bank account. Request a new account number.
  • If you have automatic payments, update them with your new account number.
  • Review your transactions regularly to make sure no one has misused the account.

Online login or password

  • Log into the account to change your username or password. If you can’t login, then ask to shut down the account.
  • If you use the same password elsewhere, change that too.

For updates about the breach, check OPM’s website. For more information about what to do after a data breach, and a handy checklist of steps, visit Identitytheft.gov/databreach. Remember to continue checking your credit report at annualcreditreport.com, in case information is misused in the future. You can order a free report from each of the three credit reporting agencies once a year. If you discover that someone is misusing your information, you’ll need to take additional steps, including filing a complaint with the FTC. IdentityTheft.gov walks you through those steps – because recovering from identity theft is easier with a plan.”

Sorry, comments are closed for this post.