Deep Dive
Why is it important to order a free credit report after a data breach?
Ordering a credit report helps identify any suspicious activity that may have occurred since the breach, ensuring your credit hasn't been impacted without your knowledge.
How does credit monitoring service help after a data breach?
Credit monitoring services alert you to suspicious activities, such as new lines of credit opened in your name, providing an early warning system against identity theft.
What is the purpose of placing a fraud alert on your credit file?
A fraud alert prompts creditors to verify your identity before extending credit, adding an extra layer of security to prevent unauthorized credit applications.
Why should you consider a security freeze on your credit after a data breach?
A security freeze locks down your ability to take out new credit, preventing anyone from opening a line of credit in your name without your explicit permission.
What role does the Federal Trade Commission (FTC) play in data breach responses?
The FTC provides guides and resources for both consumers and businesses on how to protect themselves and respond to data breaches, acting as a central resource for information and complaint handling.
How does multi-factor authentication enhance security?
Multi-factor authentication adds an extra layer of verification, making it more difficult for unauthorized users to access your accounts even if they have your password.
Why is it crucial to protect your email account?
Email accounts often contain sensitive personal information and serve as the gateway to other accounts, making them a prime target for hackers.
What are the potential risks of using a centralized password manager?
Centralized password managers store all your passwords in one place, which could be a high-value target for hackers if the manager's security is compromised.
Why is it recommended to change passwords for critical accounts after a data breach?
Changing passwords for accounts with sensitive information reduces the risk of unauthorized access if those accounts were compromised in the breach.
How can services like 'Delete Me' help protect your privacy?
Services like 'Delete Me' help remove your personal information from public databases, making it harder for people to find and misuse your data.
- Data breach notifications often suggest ordering a free credit report, enrolling in credit monitoring services, contacting the Federal Trade Commission, placing a fraud alert on your credit file, and requesting a security freeze.
Shownotes Transcript
This message comes from instagram. Recently, instagram introduced teen accounts with built in protections. Teens automatically get safety settings that limit who can contact them, the content they see, as well as settings to ensure their time on instagram as well.
And this is planet money from entier. Hello, I am Kenny alone .
and i'm a andora chic.
And we are here because, of course, the season of giving is upon us the spirit of giving. And in that spirit, AManda, we had planet money would like to share with everyone a sample of what our bonus content sounds like. So usually what you're about to hear, it's just for our planet money plus supporters. But today we are making this bone episode available to everyone.
to all. Yes, these episodes come out every two weeks. You know, basically our bonus episodes, they might be extended cuts of interviews.
They might be interviews that come from our newsletter. You might talk about how an episode was made. Occasionally we do a movie club where we talk about economics in a film. Kenny, I understand that you are going to do .
that again soon. Love IT oah Christmas at the al pack farm.
Is that really of the movie?
Yeah, there is a lot of economics in this, the economics of how Christmas rm comes get made, the economics of the fiber markets. And the more I say that I know, the more that sounds like IT is a joke.
is not a joke. Sounds anyway.
sometimes we watch movies and we talk about them on the bonus feed, but then sometimes we are also just working on an epo de of the show and there's extra a material that didn't fit in and we want to share IT, and that is what we are here to do today in this bonus episode. So AManda, yes, you recently did an episode, all episode on what happens when your personal data gets stolen. And you had a bunch of extra reporting on IT that I have been begging you to tell me about personally.
Yes, that's true. And for the season of giving I come bearing news, you can use what fits .
in a stocking. Yeah.
we rap IT up. You like put that under the trip, put in the stocking. This is advice on what you can do to protect your personal information. If you've been part of a data breach, even if you have not been part of a data breach, some of this will be news that you can use. I will tell you that part of the genesis of this episode was, while I was making the data breach episode, I would like a lie there at night and like, oh my god, I got to go change my bag password and then like, i'd wake up and then I would like, oh god, I got to go set up two step of the, I would have all of these like, huh? So over the course of making the episode, I learned a lot about how to protect your data, my data, and now i'm going to share that.
okay. So if you would like to hear more bonus st content, like what you're about to hear, you can sign up for planet money plus at plus dot npr dot O R G that is plus dot npr dot O R G H there other perks, well, including our regular episode sponsor free. And if you are a part of money plus already, then thank you.
Thank you for supporting us. Genuinely, this keeps our work and the work of P. R. Going IT really does.
This is super helpful. We're very great for when you subscribe. And with that, we hope you enjoy this conversation. We will be back with a regular episode for you later this week.
This message comes from gram y two hundred and thirty one. That's the average number of apps used by many companies. This leads to a lot of context and tab switching, which can drain employee focus, costing your company grammar c help because IT uses A I that works in over five hundred thousand absent websites, join over seventy thousand teams who save an average of five hundred thousand dollars per employee per year using grammar, go to grammar dot com slash enterprise to learn more.
This message comes tremendous. Sponsor marrow, whatever your financial goals are, you want a straight forward path there. But the real world doesn't usually work that way.
Maria understands that. That's why with a dedicated maria adviser, you get a personalized plan and a clear path forward. Go to ml 点 com slash bullish to learn more marrow, a bank of amErica company.
What would you like the power to do? Investing involves risk. Mary lynch, peer spanner in smith, corporate registered broker dealer, registered investment advisor member S. I P. C.
And we're back. Okay, we're going to start this ready. Classic, classic radio.
no. yeah. Can do you just love to shuffle little piece .
of paper what we do? It's what we do. That is a rather voluminous letter I received. In fact, everyone in my family received one of these telling us that we are all part of a substantial hacks that again.
so that letter, just if I that is required, I believe by all states that they send you a letter saying.
hi, sorry, just said we got act. And this one in particular is like, not the company I was doing business with. They apparently were managing data on behalf of the company I was doing business with. So it's this letter in particular is funny because it's like, hey, you've ever .
heard of us.
heard of us. But one thing you should know about us is we know a lot about you.
And IT does seem like those are prime targets. These companies that are like central warehouses for data, yg hackers are identifying places that have a ton of data on hand as opposed to like i'm going go hacky can. What's the point when I could go get hundreds of millions of data about also to different people? yes.
And this particularly frustrating to me, I will say before we get into this because i'm very careful about my passwords I used, I change my passwords all the time. I use very complex passwords that I can't remember passport manager to keep track of them. I use two factor authentication. IT doesn't matter in this case because they didn't hack me personally. They hacked this big company that had all of my data.
Yeah, i'm so sorry, Kenny. That's the worst.
So anyway, I have a very basic question. Yeah, I got this letter and there are all these suggestions about what I could do in this letter. Can you help me understand what .
I am supposed to do? Yes, I will do .
my best OK. Letter noise. Letter noise. Letter noise. There are, I think, about five or six suggestions in here that I would love to just go through with you.
And you can tell me, are they useful? Are they B, S, or are they somewhere in between shelling? Yeah, here we go.
Think IT suggests, number one, order my free credit report. So what this means is that there are companies experience, trans union. What do IT was the .
other equifax? I was 特别感谢。
These are the major credit burrows. They keep track of tons of our information to tell someone else how likely IT is that we are to pay back alone. I mean, is their very basic function in society? yes.
Are you credit worthy? Is that worth lending you some money? Can you pay back? Will you have you historically paid IT back?
Correct all of that up. okay. So you can order, create report from one of these companies if you've never done IT about yourself.
And so here I am being told that this could maybe help me in some way now that i've been hack. Should I? Should I do? That is IT helpful. Yes.
that one is helpful. IT is always helpful to get your credit report, take a look, have a sense of, like whether keeping track of and a big reason to do this is because the time between the hack and when you get that Better, it's not supposed to be very long, but sometimes IT takes months. So IT is very possible that something bad and suspicious happened in that time period. So that's going to be backward ds looking.
I think the credit reports will often say, like, hey, remember when you ask to take out this line of credit and i'll be like, no, I didn't ask to take out OK.
So this is a check in I mean, this is something that people should just do regularly anyway. This is a helpful thing. Make sure that, you know, has your credit been impacted by the hack and maybe even you just see some other things that nothing to do. The ck, you should be aware.
Okay, that doesn't sounds fun, but I will look that up and read debt.
And this is very easy to do. By the way, we're going to say this over over again, but we will put links in our show notes. So if we mentioned anything here in this episode, we are going to put link in our show notes you can go find.
Okay, so not B S, get your free credit report. great. Uh, thing number two, yeah and roll in credit and identity monitoring services. Okay, so i've never done this before, but presumably this is a service that just that I guess this this company that got hacked is now providing me for free to just like keeping eye whether someone is going is taking out like a line of credit in my name or something like that.
Yeah, this is a funny one. Some states actually require that they offer you credit monitoring if you've been involved in a data breach. But again, that depends on the state and also the personal data involved.
Um there is actually a academic paper from twenty twelve that says if they offer you this service is free credit monitoring, it's going to reduce the likelihood that you sue them by a lot. No, yes. What will often .
happen is you'll get this .
letter and it'll say in there they've made some sort of arrangement with another company and that company will offer you free credit monitoring, which is basically a report. It's not your credit report, is a report that comes to your in box or you can have IT mailed to you. And it's going to say like, hey, you know, we were watching this.
We saw some suspicious activity here. We saw this email used here, somebody paying this about this. I have been doing this for years with experience and that was actually pretty detailed.
Was that after a hacky? Yes, did IT.
Yeah and I I will admit that like i've gotten this office so many times, I don't pay that close attention to IT.
Maybe like the .
details that send me, it's not not useful.
Okay, not not useful. We put that in on the on our well, I do have a question. I don't know if you know the answer to, but if I enrolled in one of these credit monitoring services or I request my free credit report, do any of these affect my credit score? Do they affect my credit because no, I think the more people run now okay yeah be mess up. yes.
So here's the trick with these things. Yeah so let's say you were offered um credit monitoring from one of the big three credit purpose. Um this is we want to be a little bit careful as you sign up IT is very possible that as you go in uh and this is what happened to me that as you go to sign up you will be asked to wave your right to legal action. You will not be able to sue the credit buren.
Yeah, so helpful to join the credit monitoring. However, read the fine print.
the fine print. Read the fine .
print because you may you may be waving your right to be part of some large litigation or something, right? So not be, yes, a little air risk. But okay, yeah, take a look. I mean.
always take a look at the fine print. But like the whole internet is based on is not looking on the fine print. But if you can do IT try, sometimes it's .
written suggestion.
Number three, yeah.
Contact the U. S. Federal trade commission.
You know who doesn't want to hear from you? U.
S. Federal trade commission.
Do the, you can try. I mean, the way the ftc is handling this is if they get a lot of complaints about something, they will go and act on that. Are they gonna call you kandy and be like, K.
I help you out. We've been looking at your case, Kenny. Yeah.
working over time. We all talk to the ftc a couple times. They are trying with their limited resources to help people, so you can send a complaint to them if you want.
I mean, and to be fair, IT seems that what it's actually telling me to do is like go read whatever they've written about how to protect yourself for my identity theft. That seems to really be what they want me to do.
I actually do encourage you to do that. IT is very well written, very straight forward. They have, uh, guides for consumers and they also have guides for businesses like they have, you know, so you've been hacked, what did you do for your customers? And they're actually not bad. They are not bad. Resources will provide links.
Okay, that one is very funny though. Item number four, place a fraud alert on your credit file.
yes. So if you again go to the big three experience, trans union, equifax, there are a bunch of things that you can do while you are there. And one of them is place and alert on your credit file.
Um what this is going to do is if somebody like, let's say, you go to macy and you decide you're going to go get one of those like mac cars or something like that, and macy calls to see if Kenny is worth giving a mis card to, they're probably going to call you up. They are going to contact you and be like do you actually want this got IT. So that's that .
that kind of like second or third factor authentication on credit?
Yeah, it's one is not a bad idea. Okay, not bad. Not bad idea.
And do I do that with all three of the big credit bureaus?
No, you do not. If you place a fraud ert on your credit report with one of of the credit bureaus, they say that they will notify the other two.
Okay, all right. So yet again, not a bad idea. Not a bad idea. Okay, final, final recommended step.
This is a big one, and it's one of that I actually have thought about a lot. This is a recommended security freeze. I guess I should say it's not recommending IT. It's saying, quote, you have the right to request a credit freeze from a consumer reporting agency, which is another another name for the credit purrs. Um so that functionally locks down your ability to take out alone. So you know get a new line of credit, maybe extended existing line of credit IT locks that ability down unless you preemptively like open IT up because you know you're about a request in line.
Yes, this does appear to be the kind of gold star of what you can do to protect yourself, which is you are going to freeze your credit, which means that, uh, as you said, you are no longer able to get alone for anything. But it's not IT isn't actually I was a little bit surprised when I started to digg into a little bit more IT doesn't stop all sorts of other processes like people can still like if you are trying to get a job, somebody can still call up experience and be like, can I look at the report and the answer is probably yes OK sure you're not trying to like open a new land credit so most things still happen um but your credit is frozen and so nobody can get alone in your name yes the big three make this quite easy.
You just go online but .
if to freeze and ease .
that is the IT .
seems obvious to me .
that a security freezes is useful IT an armor plate again. st. Someone doing one of the worst things they can do, and they still your identity, which is tank your credit by taking out a giant line of credit in your name. This is the medicine I was kind of reading. I would you need to take in a situation like this because IT seems IT definitely seems inconvenient but .
but obviously helpful so yeah .
and I will not take you very long OK okay I I will do that um especially before this episode runs telling everyone that i've been part of a giant hack.
Yes.
not a bad idea. So that's all it's in this list. Basically is there anything else I should be doing?
Yeah we at epr have a service called delete me, which is like a privacy service that helps scrape you off of the internet, your name if you're phone up your .
address and place the image that you've like landed flat on the internet and they're like peeling.
you are yeah they trying to grab some of your information off of the internet so you're harder to find your address, your email, cell phone number harder to find. And it's honestly it's been effective.
Okay, pretty helpful. Or anything else that one should do after they've learned there are part of a jet attack?
yeah. I mean, you should look on your credit ard. You look on your bank state.
yes, I go look and .
see if there's any weird charges that you don't recognize.
Do you know the one that kept happening to me is like tiktok purchases is not on this one, but like when someone got a hold of of a credit card number, they just kept buying crap through tiktok, like on people's .
tiktok stores? No, not okay. I get your credit card like you probably like maybe .
I showed up as tiktok purchases and I was like.
obviously I didn't make this purchase. This is outrages. Your credit card is your friend and fraud, like they do not want you defraud IT.
IT is very expensive for them. They have very good mechanism set up to like fine fraud. So you should be watching your create card and you should be calling them up if you see church that you don't recognize.
Same with bank. This is something that I learned also doing researcher was like, I I think that feeling of like, oh my gosh, I ve got to change my password. Stanly feels very overwhelming because you have so many passwords. So one thing you can do is just make sure you do the big ones, you do your email, change that all the time, you do your bank, you do your credit ard, you do the things that have access to your financial and personal like most sensitive information.
right? Or or or your email is like, unfortunately, the key to everything. So you want to protect that? Yes.
definitely want to be protecting your email because, yes, are you at some point, you email the best word somebody and it's sitting there in your email, a lot of personal information in your email and the password manager thing, I have very mixed feelings about amusing a google chrome password manager. It's fine. It's poor of out of laziness.
I have not done the like best and brightest research on this. I've not done a ton of research on this, but we are offered a password manager work. I have not taken IT, partly because I think of password managers as centralized repose, tories of data.
and they get hat too.
They get hat too. So they are being extra super dupr careful fear.
Theoretically, your passwords, but encrypted and in one place makes me nervous.
But I I think for the most part, people in this field there are in this area will say to you, yeah that's that's a good idea because I will help if you have strong password.
It's choosing what's clear is you're choosing which rescue anna, take care yeah like that. That is all that exists in this horrible destroy, a that we've created for ourselves in the data world. Yeah.
this is, this is how we get the internet for free as we give up our data.
Have I learned everything?
I don't know. Yeah, I just can say also just for basic password manager, if you have an account that offers two step of indication, do IT use IT. That seems to be how people, huck, very easily, as is setups where they didn't do to step or multifactorial thenthe cations.
Other time. I just want to say, I know it's a little annoying to have multiple steps, but may I suggest a reframing in your head? Think of IT not as an annoying sort of extra hurdle. Think of IT as a fun low scavenge or hunt. Did you get to play where it's like you get, I get oh, i'm going over here to my phone and oh, i'm going and over here to my email, i'm going to type IT in it's a sky room, really pe room of your own life for me and then and then multi factor authentication rules.
So I mean, the sad part for me and all of this though, is how much is put on you, Kelly? How much was put on me? I think this is some real B. S. I don't think we should .
have a over time. And money and money .
like this is the there is an industry of.
I think that protection, yes, for a passer manager, yes, that's right.
And and a lot of these protections are so that you're not allow is hanging fruit, right, so that you're actually kind of a pain to hack. That's what you're doing here is trying to make you A A, A less obvious target.
Yes, you don't have to out run the bear. You just have to out run.
People are running. Oh, exactly when you put like that.
yeah. true. That OK. I this is exactly what I wanted. good. Just gonna go lock and unlock my credit yet.
go. beautiful. Well, kid, thank you. This has been fun.
Thank you. No.
happy to share all this.
So listen, we're going to put links to the resources and websites that, that we talked about or the man and to talk about, she's going to do all of that work. I don't know. I'm say it's going to be AManda, you got the work to that be in the show notes and we're going to link to the original episode is great and about like kind of more of the system here that allows this kind of tack to happen.
Yes, it's about the illegal and legal markets for our data.
A man that goes .
on the dark web but got the dark, it's fun.
Once again, we make bonus content like this, a one every other week for our planet money plus supporters. So if you want more planet money in your life, and you want to help keep our work and the work of mp are going, you can sign up for planet money. Plus, that is at plus dot N P R dot O R G, plus dot N P R D R G. I'm Candy alone .
and I mander orange. This is planned of money from mp.
This message comes to media sponsor marrow. Whatever your financial goals are, you want a straight forward path there. But the real world doesn't usually work that way.
Maria understands that. That's why with a dedicated maria adviser, you get a personalize plan and a clear path forward. Go to M, L, dot com slash, bullish to learn more.
Mary, a bank of amErica company, what would you like the power to do? Investing involves risk. Mayo lynch, peer spanner in Smith incorporated, registered broker dealer, registered investment advisor, member as I, P, C.
support for in P R in the following message come from Edward Jones, what is rich? Maybe it's less about reaching a magic number and more about discovering the magic in life. Edward Jones, financial advisers are people you can count on for financial strategies that help support a life you love. Edward Jones, member S. I P C. This message .
sponsored by Greenlight. The debit card and money have made for families where kids learn how to save, invest and spend wisely with parental controls built in sign up this holiday season at Green light outcome slash N P R.