Stolen SSN, Credit Bureaus Alerted , Now What?

privacyIntruded asks: "Recently I was informed by a former employer that a computer containing my name, address, drivers' license information, and social security number had been hacked. Though they do now know what, if any, information was accessed on the computer, they recommended I place a fraud alert on my credit report. To my relief, after placing the alert, I received credit reports that look fine. Now what? Assuming that someone does have the information, do I just wait for the day when someone uses the information for fraud, then hope I can minimize the damage when it is? Is there anything I can do to reduce the risk?"

buy more stuff from them.

[JVert]

I'm sure your info has been leaked before, they just didn't tell you. So go back and buy more stuff.

Re:buy more stuff from them.

[pdx_joe]

I believe more information is leaked then we know about. Not necessarily by the "bad guys." I work in a University Computer Lab and use the paper in the recycling bin for scratch. I pull out student's administration papers with their name, SSN, address, DOB. All written and thrown in the bin by students themselves. It would be easy to copy these down and apply for a credit card. People in general need to be more careful with their information. l

New Credit Card Number

You can always call your credit card company and tell them you lost your credit card. They will gladly send you a new one with a different number.

Equifax Identity Theft Protection

[Corpus_Callosum]

Purchase Equifax Identity Theft Protection. Not only will they notify you by email any time your credit report changes (e.g. new credit being taken out, etc), but they will insure you in case something happens.

I recommend that everyone does this these days. Your information is out there and easily collected by those that want it. Your information IS NOT safe.

Re:Here is a list

[ComputerSlicer23]

Actually, that's not true. I know for a fact that you can get new SSN's. If you can show that the identity theft is bad enough, they will in fact issue you a new SSN.

Furthermore, there is a rule that if you and another family member in your immediatly family have a SSN that differs by only a single digit, the gov't has to let you request a new one. (Notice, that's a single digit, not numerically next to each other). In my family, we have 3 out of 4, but they end in 07, 09 and 10 (actually, now that I've re-read the rule, we might qualify, they say sequential). So we nearly qualified for the rule. Having the first 7 digits and a last name match does create problems for credit reporting companies. Did I mention that there are 5 kids in my family, and we all have names that start with "K". They skipped the 08 one intentionally so that we would not not have sequential ones. So I'm not sure if I am interpreting the rule correctly or not.

http://www.lawsmart.com/ssfaqs/sscards.html

That even references the documentation for the form that you request to have your SSN number changed.

http://ssa-custhelp.ssa.gov/cgi-bin/ssa.cfg/php/en duser/std_adp.php?p_sid=A5OT3Wmh&p_lva=77&p_li=&p_ faqid=79&p_created=955483070

That link has my session in it, the FAQ is FAQ id 79, and is in the Social Security Number and Cards, the sub-category is General- SSNs and Cards. If you look around you'll find it. The following are the criteria:

• Sequential SSNs assigned to members of the same family
• Certain scrambled earnings situations
• Certain wrong number cases
• Religious or cultural objection to certain numbers/digits in the SSN
• Misuse by a third party of the number holder's SSN and the number holder has been disadvantaged by that particular misuse
• Harassment, abuse or life endangerment situations (including domestic violence)

If I didn't have nearly perfect credit, I'd apply to change it just because there are members of my family who know my SSN, whom I wish didn't. Members of my family are nearly indistingishable on the phone from me. Even by other close relatives.

I'd like to see the reference material on non-special SSN's that get re-issued. The SSO has special procedures to ensure that they aren't re-issued for long periods of time after someone is dead. According to the FAQ, no SSN has ever been re-issued (some of the 000-XX-XXXX specials get reused). The SSN has only assigned 450Million of the 1Billion available. In the FAQ search for an entry with the word "died", it'll be one of the first few.

Got any more urban legends you'd like me to debunk?

Sorry that I can't provide direct links, but the site doesn't give them back. You have to have the cookies and goop hooked up to it.

I read up on the rules about SSN's at great length when slashdot posted the story about the man who doesn't have an SSN. There are all sorts of neat rules about them. The IRS is a serious pain to deal with because of it, but it can be done.

Kirby

Just a few more things

There are two types of credit fraud alerts: one is a 90-day fraud alert and the other is a 7-year fraud alert. The latter is only allowed if you have had your identity stolen (so you qualify). You must explicitly ask specifically for a 7-year fraud alert or the credit bureaus will give you a 90-day one. There's more paperwork required for the 7-year fraud alert too. It's well worth the effort - once in place, no one can extend credit without contacting you by phone and getting your explicit permission.

In some states, e.g., Texas, you can get what is called a credit freeze. This locks out credit applications and is probably worth the effort to obtain.

Be patient and don't worry. There's really nothing that can be done to you that cannot be undone with a little time and paperwork. I used to worry and go ballistic after I suffered identity theft. But then one day I heard a lawyer speaking about it and he made the point that, when fraudulent purchases or applications are made in your name, it is (at most) necessary that you file a letter (to the foolish firm who extended credit to an imposter - not to the credit bureaus) explaining that the application/purchases were fraudulent. That made me rest easy.

Check your credit reports from the major credit bureaus (Experian, Equifax, Trans-Union and the new one, ChoicePoint) every 6 months. Write letters to all firms that received fraudulent applications for credit, explaining that the application was fraudulent and not made by you. It is by law their responsibility to then properly update the credit bureaus' reports. Keep copies (one folder for each account) of your letters and be persistent but patient.

The credit bureaus will not change a credit report at your request - they only will change it in response to a request from one of your (supposed or real) creditors. So don't get irritated at the credit bureaus. While they are not your friend (after all, they invented this silly system without asking anyone's permission and ought to be sued by the government for malfeasance), they are not your enemy.