By now, everyone has heard about the Capital One data breach. And, if you were one of the people who said, “whew! I’m so glad they rejected my application!” You may want to hold off on the celebrations.
On Tuesday, the company confirmed that applicants who were rejected are vulnerable too.
The hack affects over 100 million consumers, many of whom applied for a credit card between 2005 and early 2019. The company said the stolen data included names, phone numbers, dates of birth, Social Security numbers, self-reported income, and other credit card application data.
Along with contacting affected consumers, Capital One is offering free credit monitoring and identity protection.
In the meantime, however, if you’re concerned that your identity may be at risk, then we recommend freezing your credit. Not only is it more effective than credit monitoring, but security experts are also unanimous that this is an essential step to protecting your data.
A credit freeze will prevent someone from stealing your identity and opening new accounts in your name. And, freezing your credit at the three credit reporting bureaus is now free. All you need is your name, address, email, date of birth, Social Security number, and other personal information. Each credit bureau will give you a pin, which can be used to temporarily lift or completely remove your freeze when you need to apply for credit.
Another great precaution, one we speak about often, is two-factor authentication. Simple as it may be, two-factor authentication can prevent most account hacks. In fact, a study by Google found that a simple text message sent to a person’s phone prevented 100 percent of automated bot attacks that use stolen lists of passwords against login pages and 96 percent of phishing attacks that try to steal your password.
The investigation into the Capital One data breach is still ongoing. However, it’s still unclear whether the stolen data was misused — “based on our analysis to date, we believe it is unlikely that the information was used for fraud or disseminated by this individual. However, we will continue to investigate,” a Capital One spokesperson said in an email to The Los Angeles Times.