In the wake of the major Capital One data breach, credit card customers not limited to Capital One may be wondering how to best protect their information. Now is a good time to review safe online banking practices.
The Virginia-based bank confirmed Monday that a hacker exposed some 100 million credit card applications and tens of thousands of Social Security numbers and bank accounts, Cox Media Group previously reported. About 100 million people in the United States and about 6 million people in Canada are believed to have been affected, according to a statement from Capital One.
Anyone who applied for a Capital One credit card from 2005 through early 2019 may be affected, the statement said.
Capital One said it will "notify affected individuals through a variety of channels" and will provide free credit monitoring and identity protection to anyone affected by the breach. The company hasn't specified exactly how affected customers will be notified.
While customers wait to be notified, there are a few steps to protect personal information that can be taken in the meantime.
Freeze your credit
Freezing your credit doesn't affect your score, and it is free through all three credit bureaus. You can freeze your credit at Equifax here: https://www.equifax.com/personal/credit-report-services/; at Experian here: https://www.experian.com/freeze/center.html; and at Transunion here: https://www.transunion.com/credit-freeze.
Set up fraud alerts
If you don't want to freeze your credit, NerdWallet recommends activating fraud alerts for your credit reports. You only need to place a fraud alert at one of the major credit bureaus and it will alert the other two. Fraud alerts last one year and are renewable.
Monitor your credit card activity
Pay attention to your credit card bill and bank statements. Most banks allow customers to access statements online. If you notice a charge that shouldn't be there, alert the bank immediately.
For added safety, insurer State Farm recommends changing passwords for your online bank and credit card accounts. Ensure the passwords are complex -- "password1234" isn't going to cut it -- and use multifactor authentication when it's available.
© 2020 Cox Media Group