One of our readers, Jack, sent us this question:

Just a quick question. One of my family members had their purse stolen. Everything they owned was in the purse, from credit cards, checks, social security cards, and so on. Now would Freezing their credit report benefit her? Or would freezing them hinder the progress of getting everything straightend out? The theives did not open any new accounts.

Thanks,

Jack

Thanks for your question Jack! The short answer is yes, she absolutely needs to freeze her credit report as quickly as possible. Any time your purse or wallet is stolen there are ten basic steps that you need to take in order to protect your accounts and your credit rating.

Ten Steps to Combat Identity Theft:

1. File a police report - Call your local police station (not 911). They will help you file a report. Make sure that you keep a copy of the report, and keep the report number handy. You may need it as proof to follow some of the steps below.
2. Call your bank and report your debit card missing / stolen - It is important that you do this as quickly as possible because if you do not you could end up being liable for any charges the thief makes on your card.

Here’s how federal law works: if you report your card stolen before the thief manages to charge on your card, then you are not liable for the charges. If you report it afterwards, the amount of your liability depends on how long you wait - so don’t wait. Do this the instant you have filed your police report, if not sooner. Ask for a new card, with a different account number.

3. Your Checking and Savings Accounts - Close them and stop payment on any checks you have out if possible. Open up new ones, with new account numbers. Your bank should be able to help you.
4. Freeze your credit reports - One of the first things would-be identity thieves do is to try to open up new accounts in your name. If you freeze your credit report it will not matter how many applications for credit someone puts in, they will probably not be able to open new accounts since your credit score will be hidden.

   Freezing your credit reports is a far more effective policy than simply placing a fraud alert since some lending banks could ignore the fraud alert and open new accounts despite the warning. As long as you have a police report there should be no charge to freeze your report at any of the three credit bureaus.

5. Make a list of everything that you know was in your wallet / purse - At the very least you are going to need this list so that you know what you need to replace. You will also need it for step number 6.
6. Start calling your credit card companies - Report the loss of each individual card. Cancel the card, and ask for a new card, with a new account number. By law you are not liable for more than $50 per account if your card is used without your permission, so take a deep breath and relax.
7. Your Driver’s License - You will need to go to your local DMV and report your license as missing, and get a replacement.
8. Your social security card - you will have to go up to your local social security office to get a new social security card. However, you will never be issued a new social security number unless there is proof that someone is using it fraudulently - you will just get a replacement card.
9. Change your locks - If the thief got your keys as well, then you need to change the locks on your house, and if possible, your car. They have your keys. They have your address. Why take a chance?
10. Temporarily purchase a credit monitoring service - especially if you do not freeze your credit report. This will be the first indicator that someone is opening accounts in your name, and right now, I think that it only costs around $30 a month to monitor your reports and scores from all three credit bureaus. Personally, I prefer TransUnion’s credit monitoring service over Experian’s. I have never used Equifax’s, so you may have to check that out yourself. You could also look into companies like Lifelock.

Once you have finally gotten this resolved, don’t forget to get a free copy of your credit report each year. Once someone has your information, it is possible that they always have it, so at the very least check once a year to make sure no new accounts have been opened without your knowledge.

Have a question for us? Leave a comment below!

A credit report “Freeze” prevents lenders from pulling your credit score, so it could actually prevent would-be identity thieves from opening new accounts in your name. But, is it really worth the trouble?

The credit bureaus aren’t exactly lining up to help you freeze your credit reports, since most of their money is made by selling your credit score and information to prospective lenders.

If you decide that you do want to freeze your credit report as a preventative measure you have to send a request in writing and provide up to seven documents (Driver’s license, Social Security Number, Utility Bills, etc.) as proof of your identity. You have to send all of that information to each of the three main credit bureaus individually. On top of that, you have to pay a fee to freeze and unfreeze your report. Then, when you get ready to apply for a loan, un-freezing your credit report takes several days.

(As a side note it is free for victims of identity theft to freeze their credit reports, but they must provide a police report documenting the theft.)

So, inquiring minds want to know. What do you think of freezing your credit report? Is the potential security worth the hassle, or do you want to be free to apply for credit and pounce on a better offer the minute you see it?

Here are a few facts to consider:

• It is estimated that there are as many as 750,000 cases of identity theft each year.
• It is frighteningly easy to steal someone else’s identity.
• You have to go through about 30,000 miles of red tape if your identity is stolen, including freezing your credit report anyway.
• Freezing your credit report only prevents new lenders from pulling your credit score. It does not prevent thieves from using your current credit card numbers, or bank account information, or your social security number any way they like.

So what do you think? Is the additional protection worth it, or is freezing your credit report something you will deal with only if you have to?

We get lots of advice on how to avoid identity theft :

1. Do not carry your social security in your wallet.

2. Shred all your bank statements or bills if you decide to junk them.

3. Have strong passwords

4. Know what are phishing emails and do not reply or divulge any information over the email.

But, today while I was at the driving center renewing my driving license, the person over the counter told me that he just attended a course about identity theft. And he said that one of the easiest ways to get your identity stolen was through the hotel room swipe cards that the hotels give you.

It turns out that many hotels store information such as your name and even your credit card numbers. It makes it very easy for even an amateur to get someone’s credit card number! So I did some googling and true enough, there have been lots of articles written about this as early as three years back. Here are interesting posts :

Swipe here to steal ID at computer world

Hotel Key Cards : Identity Theft Risk or Not

Hotel/Motel Key Cards embedded with personal information.

Guess the lesson is to make sure you actually shred those cards after you have checked out.

Recently, a meeting was called for in the main conference room in my company. Then an announcement was made. A laptop or disk (cannnot remember) was stolen from another office (branch) in another state. The list contained a list of employees from our office! We were told that though there was a potential identity theft situation, the chances were pretty remote.

Apparantly, the disk was encrypted. Furthermore, a sample of the encrypton was given to every IT and security personel and none of them could break the code. The company’s thoughts are that the disk was stolen for resale value!

However, as a precaution, we were all asked to inform the credit bureaus and be put on “fraud alert”. So I called up TransUnion. The call was pretty interesting to say the least. I asked a series of questions and had to key in the answer on the phone. I had to key in my social security number, my zip code and probably (can’t remember precisely) my phone number. When the process ended, I was told that I need not inform the other two credit bureaus as this has automatically been done. It was a strange experience to say the least because it was all totally automated and I could not even speak to an operator or customer service representative even if I had wanted to. I was a little apprehensive.

However, I soon received letters from the credit bureaus stating that I had requested to be put on fraud alert. At least, the fraud alert procedures was working.

We were also offered a free one-year subscription to one of the 3-in-1 monitoring service, but I have not done so as I frequently check my reports (once a year with each agency).

This whole incident simply highlights how vulnerable we are to identity theft. Though I have not had my identity stolen, this episode shows it could happen even without me being at fault.

The Wall Street Journal on Friday published a story titled Breaking the Code - How Credit Card Data Went Out the Wireless Door. It reports on how a Marshall’s Discount store in St Paul, Minneapolis had sloppy wireless date security and allowed tons of credit card data to be stolen right under their noses.

Their wireless network had less security than many people have on their home networks. The hackers, who have not been found, downloaded at least 45.7 million credit- and debit-card numbers from about a year’s worth of records. Not only were credit card data lost, but also data like social security numbers, drivers license etc.

Once these credit card data was stolen, fake credit cards based on these data can be issued. The hackers can then use these cards and spend them as they please. Eventually, that is how these frauds are detected - when credit card holders start noticing bogus spending on their card. They people who use these cards with stolen identity also spend as much as they can away with.

What TJX (which owns Marshall’s) neglected was simply to encrypt their wireless data! (which you’d think would be a standard especially for a major company with an IT stuff). It enabled the hackers to simply hack into their system and created use passwords!

The article in the journal also touched upon the topic if companies should be legally responsible if they were sloppy and allowed your credit card data to be stolen. I personally think there should not be such legislation because sooner or later, the smart companies out their will realize that offer data security could be a competitive advantage.

What puzzles me is that big companies like TJX can be so sloppy. The big lesson here is that even when shopping at major retailers, your credit card data could be compromised and your identity stolen. I will be writting a post soon on identity theft prevention and steps to take when it happens.