Jul 25, 2019

How to file a claim over Equifax's data breach

Illustration: Sarah Grillo/Axios

If you're one of the 147 million-plus people who had their data exposed by Equifax's massive 2017 data breach, you can file a claim for cash or free credit monitoring, courtesy of Equifax's recent settlement with the Federal Trade Commission.

Details: If you lost up to $500 from the Equifax breach, filing for a "time spent" cash payment requires the least amount of paperwork and supporting documents. The deadline for all claims is January 22, per the FTC, and benefits will not be sent until January 23 at the earliest.

Where to start: Check if your information was exposed. Then you can submit a claim online, print a copy and mail it, or have a hard copy form mailed to you. Claims for people who were minors on May 13, 2017 can only be sent via mail.

Option 1:

You have the choice between free credit monitoring — from Equifax, Experian, and TransUnion — for at least 4 years, or a $125 cash payment. In lieu of the $125, which will not actually be anywhere near $125, you can also opt-in for up to 6 additional years of free credit monitoring through Equifax only.

  • If you select a $125 cash payment, you are unlikely to receive that full amount or anything close to it, according to the FTC.
  • 4 years of credit monitoring from Equifax, Experian and TransUnion via their separate monthly subscription services at a $2,842.72 value. (Credit monitoring is not the only way to protect your personal information.)
  • The FTC has taken the $125 option off its official "how to file a claim" page — citing limited funds and "an enormous number of claims filed" — but the option is still available via the online claim form.
Option 2:

If you file for a "time spent" cash payment — because you spent time trying to recover from or avoid fraud or identity theft — you have to log an explanation of that time spent, the approximate month and year, and the hours and minutes spent. You only have to attach supporting documents if you log more than 10 hours.

  • You can be compensated $25 per hour for up to 20 hours — so the most you can be reimbursed is $500.
  • If you log more than 10 hours, you'll also have to provide "reasonable documentation of fraud, identity theft or other alleged misuse of your personal information fairly traceable to the data breach (i.e., letter from IRS or bank or police report)."
  • Your "time spent" here can't relate to other data breaches.
Option 3:

You can get up to $20,000 if you lost or spent money trying to prevent or recover from fraud or identity theft caused by the data breach and have not been reimbursed.

  • There are 6 categories of financial losses that qualify under this option:
    • (1) costs for freezing/unfreezing your credit report
    • (2) credit monitoring and identity theft protection purchases
    • (3) costs incurred for an Equifax credit or identity theft monitoring products
    • (4) professional fees paid to address identity theft
    • (5) expenses related to the breach like notary, fax, postage, copying, mileage, etc.
    • and (6), the most general category — costs, expenses, or losses due to identity theft, fraud, or misuse of your personal information on or after May 13, 2017.
  • For each category, you have to document the amount of money spent or lost, provide the date, write a description and attach supporting documents.
  • If you spent or lost money for each category several times, add up the money you lost or spent and give your best estimate on the date.

Don't forget: There are other free or low-cost ways to monitor your credit. Some of the best ways to protect your personal information are to review your credit report, set up fraud alert, frequently change passwords, file taxes early, or consider a security or credit freeze, according to the Consumer Financial Protection Bureau.

Go deeper: Equifax agrees to data breach settlement worth up to $700 million

Editor's note: This story has been updated to note the FTC's removal of the $125 cash payment option on its "how-to-file" page.

Go deeper

Unpacking the Equifax settlement

Illustration: Aïda Amer/Axios

After Equifax agreed this week to a landmark settlement with state and federal regulators for its historic 2017 data breach, regulators are hoping that its penalties — which will cost Equifax up to $700 million — are big enough to deter the next firm from allowing the next breach.

Why it matters: There has never before been a breach like Equifax, where enough personal data was pilfered to steal the identity of the majority of U.S. adults. It's a milestone that consumers and regulators alike hope will only happen the once.

Go deeperArrowJul 25, 2019

What to do if you're a Capital One customer whose info was hacked

Photo: Rafael Henrique/SOPA Images/LightRocket via Getty Images

Approximately 100 million Capital One customers in the U.S. and Canada are caught up in a data hack that the bank claims happened in March. If you think you're among them, here are a few steps you can take.

Where to start: The bank says it will notify all affected customers, including 140,000 whose social security numbers were compromised, and offer identify protection services and credit monitoring. Both are worth taking advantage of.

Go deeperArrowJul 30, 2019

Data from 100 million credit applications stolen from Capital One

Photo: Johannes Eilsele/AFP/Getty Images

The FBI arrested Washington state resident Paige Thompson Monday morning for the digital theft of data from tens of millions of credit card applications, multiple news sites reported. Capital One confirmed broad aspects of the arrest in a press release.

What was stolen: Data from around 100 million credit card applications from between 2005 and 2019, including 80,000 bank account numbers and 140,000 Social Security numbers. 1 million Canadian Social Insurance Numbers were also stolen.

Go deeperArrowJul 29, 2019