Advertisement
credit & debt

Capital One Data Breach: 5 Steps to Avoid Identity Theft, Fraud

Be proactive to protect your sensitive personal information from scammers.

Just as consumers are starting to claim their share of the settlement for the 2017 Equifax data breach, Capital One has announced that the personal information of about 100 million Americans and 6 million Canadians was exposed in a hack that took place last March. Software engineer Paige Thompson has been charged with exploiting a vulnerability in Capital One’s network and gaining access to information on people as of the time they applied for a Capital One credit card, dating back to 2005. The data includes names, birth dates, mailing addresses, zip codes, e-mail addresses, phone numbers and self-reported income.

Advertisement - Article continues below

Although Capital One says that credit-card numbers and online log-in credentials were not compromised, the exposure did include details such as credit scores, credit limits, balances and payment history. Plus, the Social Security numbers of about 140,000 credit-card customers and about 80,000 linked bank-account numbers of customers with secured credit cards were breached.

Capital One says that it will notify those affected “through a variety of channels” and that it will offer credit-monitoring and identity-protection services. But if you think that you’re likely a victim, you don’t have to wait to act. Take these steps now to protect your identity or to spot fraud quickly if it does happen.

1. Beware Phishing Scams

Given that the breach involved e-mail addresses and phone numbers as well as names and other bits of info, crooks may target victims with e-mails, text messages or phone calls in attempts to collect money or personal data. A fraudster posing as a representative of a financial institution or government agency, for instance, may call you and mention your name, date of birth or other personal details to gain your trust, then ask you to recite your credit-card number or Social Security number to “confirm” it. “Never authenticate yourself to anyone who contacts you by e-mail or phone,” says Adam Levin, founder of identity-protection service CyberScout. If you’re not sure that a call or message is legitimate, look up the institution’s phone number and call it to see whether it truly contacted you. Don’t click on links or attachments in any e-mail or text message that look suspicious—they could lead you to a scam website or infect your device with malware.

Advertisement - Article continues below
Advertisement
Advertisement - Article continues below

Capital One is also warning customers to watch out for e-mails and calls from scammers claiming to be the bank. If you do receive a fraudulent e-mail, forward it to abuse@capitalone.com.

2. Sign Up for Transactional Alerts

Whether or not your bank-account information was exposed in the Capital One breach, it’s a good idea to receive e-mail or text-message alerts each time a new charge hits your bank account or credit card. Set up the notifications for the lowest transaction amount possible—crooks often test accounts with small charges before they rack up bigger ones. If you do see a charge that you don’t recognize, contact your bank or card issuer right away.

3. Practice Healthy Password Hygiene

Capital One has indicated that customers’ account passwords are safe. But based on other information gleaned about you through the breach or, say, from your social-media accounts, crooks may be able to figure out or change your passwords for various online accounts—especially if your password is obvious, such as your birth date or a pet’s name—and use the passwords in combination with your e-mail address to log in.

Advertisement - Article continues below

A password manager such as LastPass helps you create and store strong and unique passwords for each account you have. When possible, set up two-factor authentication for your online accounts. If there’s an attempt to log in to the account from a device that you’ve never used, for example, you may have to verify that it’s you by entering a code that you receive via text message.

4. Keep Tabs on Your Credit Reports

If you’re among those whose Social Security numbers were compromised, you may be at a higher risk for a criminal to open new credit cards or loans in your name. But anyone benefits from taking advantage of a credit-monitoring service, which sends you an alert each time a significant change—a new credit-card account, for example—pops up on your credit report.

While you wait you wait for Capital One to roll out its credit-monitoring service, check out other free options. CreditKarma.com monitors your TransUnion and Equifax credit reports, and FreeCreditScore.com covers your Experian report. If you’re affected by the Equifax data breach, you’re eligible to get four years of free monitoring of all three reports—but the service isn’t yet available.

You can also check your credit report from each agency free every 12 months at AnnualCreditReport.com. Pore over your reports for any accounts that you don’t recognize or other signs of fraud, such as a mailing address that isn’t yours (crooks may redirect your mail).

5. Freeze Your Credit Reports

A freeze is the best way to prevent criminals from opening new credit accounts in your name. Lenders can’t view your frozen credit report in response to a request for a new credit card or loan, so they’re unlikely to grant credit to someone pretending to be you. Check out our guide on how to freeze your credit.

Advertisement
Advertisement

Most Popular

11 Dividend-Paying Stocks You Should Think Twice About
dividend stocks

11 Dividend-Paying Stocks You Should Think Twice About

Dividend-paying stocks often can be a store of safety, but 2020 has been difficult on income equities. These 11 picks look like shaky plays despite th…
September 21, 2020
Medicare Basics: 11 Things You Need to Know
Medicare

Medicare Basics: 11 Things You Need to Know

There's Medicare Part A, Part B, Part D, medigap plans, Medicare Advantage plans and so on. We sort out the confusion about signing up for Medicare --…
September 16, 2020
Where You Should Invest Now
investing

Where You Should Invest Now

Kiplinger.com senior investing editor Kyle Woodley joins our Your Money's Worth podcast to answer investor questions about tech stocks, the election a…
September 22, 2020

Recommended

High-Tech Aids for Aging in Place
Caregiving

High-Tech Aids for Aging in Place

Apple Watch and other technology provides fast feedback, comfort for older users, and a powerful assist for caregivers.
September 23, 2020
10 Things You'll Spend More on in Retirement
retirement

10 Things You'll Spend More on in Retirement

From reading materials to debt, the demands on your savings during your golden years might surprise you.
September 16, 2020
How to Catch a Rock-Bottom Rate
Buying & Leasing a Car

How to Catch a Rock-Bottom Rate

Rates on everything from home mortgages to car loans are at record lows. We’ll tell you how to qualify for the best rates.
August 27, 2020
Give Your Credit a Boost
Coronavirus and Your Money

Give Your Credit a Boost

When times get tough, your credit profile could take a hit. Here’s how to keep it in shape.
August 27, 2020