Steps to Take Following the Equifax Breach

Michael 2016-11.jpg

by Michael Garcia
Chief Technology Officer

Equifax, one of three credit reporting agencies in the United States, reported on Thursday that the company experienced a cybersecurity incident potentially impacting approximately 143 million U.S. consumers.

Ferguson Wellman and West Bearing recognize that many of our clients may have questions as a result of the announcement. While it is still early in the process, we would like to share a few thoughts:

  • Equifax has established a website to assist clients in understanding the incident and to allow consumers to determine if they are known to be impacted. The website is To determine if you have been impacted, select the, “Potential Impact” link
  • Whether or not you are reported to have been impacted, you may want to consider enrolling in an identity monitoring and credit protection program. While our firm does not endorse any program, here are the names of several offerings rated by Consumer Affairs:

  • As reported on the website, Equifax is offering complimentary access to an identity theft protection and credit file monitoring product called TrustedID Premier. However, by enrolling in the complimentary program, you may be agreeing to settle grievances through arbitration. There is a link to enroll in the program on the website referenced above 
  • No Ferguson Wellman nor West Bearing clients own Equifax stock (ticker EFX) in portfolios managed by our firm, with the exception of a few clients who transferred the position in from other managers. Not surprisingly, the stock dropped 13.66 percent on Friday following the news

As always, now is an excellent time to use complex and unique passwords for all of your accounts. We recommend:

  • Changing your password immediately if you know of data breach and any like passwords on other sites
  • Create strong passwords everywhere and do not use the same password on different sites
  • Use a password manager to do the heavy lifting of creating strong passwords. Many are free
  • Enable two-step or even multi-step verification if available. Even if your credentials are compromised, they are useless without additional verification
  • Monitor any financial accounts associated with any breach that you believe have been associated with fraud. Your liability may be impacted by how quickly you identify fraudulent activity
  • Be aware of “phishing” attacks that may increase shortly after news of a breach. They may pose as the affected company to trick consumer

Should you have any questions, don’t hesitate to contact me at