A data breach of Capital One, the nationâ€™s seventh-largest bank by assets, compromised the personal information of approximately 100 million U.S. consumers and 6 million consumers in Canada, the bank announced Monday.
The breach affected the information of two groups of people:
- Those who applied for Capital One credit cards between 2005 and 2019. The compromised information included names, dates of birth, addresses, email addresses and phone numbers.
- Existing credit card and secured credit card holders. Data stolen included 140,000 Social Security numbers, 80,000 bank account numbers and information about consumersâ€™ credit scores, credit limits, balances, payment history and transactions. In Canada,Â 1Â million Social Insurance Numbers were compromised.
Capital One said it would provide free credit monitoring and identity protection services to those affected.
The incident arrives just after a settlement ofÂ the massive 2017 Equifax data breach, whichÂ exposed the personal information of nearly 148 million U.S. consumers, more than half the adults in the U.S.
Consumers can takeÂ stepsÂ if they fear their financial data has been compromised or to proactivelyÂ guard their credit:
1. For best protection, freeze your credit
AÂ credit freezeÂ makes it unlikely your stolen financial informationÂ can beÂ used to open new accounts in your name. Most creditors check your credit historyÂ as part of the application process â€” with a freeze in place, they canâ€™t access your credit history and will decline to open a new account.
Freezing your credit doesnâ€™t affect your score. And when you want to open up a new credit line, you can simply â€œthawâ€ your credit temporarily.
Freezing and unfreezing your credit at each of the three credit bureaus â€” Equifax, Experian and TransUnion â€” is now free to all consumers.
2. Place a fraud alert if you canâ€™t freeze right now
If you donâ€™t want to lock out creditors â€” perhaps youâ€™re in the middle of applying for a mortgage or car loan â€” you can insteadÂ add aÂ fraud alertÂ to your credit reports.
This type of alert flags potential creditorsÂ that they should verify your identity before issuing new credit in your name.
A fraud alert lasts for a year and is renewable. You need to contact only one of the three bureaus and ask for the alert; it will notify the others.
For best protection, remember to freeze your credit at all three bureaus once youâ€™re done with your applications.
3. Check all 3 credit reports
Youâ€™re entitled to at least one free credit report from each credit bureau every 12 months viaÂ AnnualCreditReport.com. If youâ€™ve already accessed them within that time frame, you get another round of free reports once youâ€™ve placedÂ a fraud alert.
In addition, the Equifax breach settlement will provide all U.S. consumers six extra free credit reports a year for seven years, startingÂ in 2020.
Check overÂ your reportsÂ for signs of trouble, especially:
- New accounts that you didnâ€™t open.
- Credit inquiries that donâ€™t match when you applied for credit.
- Balances that donâ€™t match your statements.
4.Â Watch your creditÂ card activity
Freezing can stop new accounts from being opened in your name â€” butÂ it canâ€™t preventÂ fraudulent charges on an existing account. Protect yourself in these ways:
- Even if you think your data wasnâ€™t affected by this breach, stayÂ on top of yourÂ credit card statements. Look for charges you donâ€™t recognize and if something seems fishy, dig into it. Thereâ€™s often a phone number listedÂ along with the merchant name forÂ each transaction.
- SignÂ up for text or email alerts about credit transactions. Many credit card issuers let you set them for every charge, or just ones above a certain dollar amount.
- If you see a suspicious charge, call your issuer right away to dispute it. Most often, your liability is limited to only $50 and perhaps less.
More From NerdWallet
- How to Prevent Credit Card Fraud
- Does Freezing Your Credit Hurt Your Credit Score?
- How to Navigate the Equifax Data Breach Settlement Offer
Amrita Jayakumar is a writer at NerdWallet. Email: firstname.lastname@example.org. Twitter: @ajbombay.
Bev O’Shea is a writer at NerdWallet. Email: email@example.com. Twitter: @BeverlyOShea.
The article How to Protect Yourself After the Capital One Data Breach originally appeared on NerdWallet.