The Identity Hack FAQ

Upon finding out that your identity has been compromised, it is easy to envision nightmare scenarios that include thieves buying extravagant homes under your name or draining your entire life savings. To help avoid these terrifying consequences, it is imperative that you take swift action immediately upon being alerted to a compromise. Here are some best practices to help lessen the damage associated with a stolen identity.

Who should I contact after my identity has been stolen? 

• Credit-Reporting Agencies
  • Contact one of the three major credit-reporting agencies—Equifax, TransUnion, or Experian — to place a fraud alert on your credit file.

    • To contact Equifax, call 1-888-766-0008 or visit https://www.equifax.com/personal/credit-report-services

    • To contact Experian, call 1-888-397-3742 or visit https://www.experian.com/fraud/center.html

    • To contact TransUnion, call 1-800-680-7289 or visit https://fraud.transunion.com/fa/fraudAlert/landingPage.jsp

    • The agency you place a fraud alert with will contact the other two 

  • Be sure to renew the fraud alert every year (it's free to do so) until you're satisfied the matter has been settled.
  • Tell each of the three agencies that your identity has been stolen and they should provide you with free copies of your current credit reports.
  • Review your credit reports for unfamiliar accounts, suspicious activity, and unknown inquiries from companies.
• IRS 

  • Report the theft of a Social Security number (SSN) to the IRS at http://www.irs.gov/uac/Identity-Protection or call 1-800-908-4490

  • Reporting the theft of your SSN to the IRS will help prevent criminals from filing tax returns in your name and collecting your tax refund. 

• To see if your SSN is being used by someone else for employment purposes, review your Social Security Statement at www.socialsecurity.gov/myaccount for suspicious activity. 
  
  

Is there anyone else I should contact?

• Financial Institutions
  • Contact your financial institutions to review your credit card and account activity so that anomalous behavior can be identified. 
• FTC

  • Report the identity theft to the Federal Trade Commission at http://www.idtheft.gov or call 1-877-IDTHEFT.

  • The Federal Trade Commission offers a good resource on what to do in case of identity theft at http://www.consumer.ftc.gov/features/feature-0014-identity-theft.

• Local Police

  • File an identity-theft report with your local police, and if you have the phone number (via caller ID) or other information of the criminal who appropriated the SSN, be sure to share it with the authorities.

  • The police report will help clear your records and your name, and is necessary to have if you want to apply for a new Social Security number. 

• IC3
  • Report the theft of your Social Security number to the Internet Crime Complaint Center at http://www.ic3.gov/, which in turn will distribute information to the relevant federal, state and local authorities. 
    
    

If problems arising from the theft of an SSN are not improving, what should I know about obtaining a new SSN?

• If you decide to obtain a new SSN, the first step involves completing a standard SSN application form, but be prepared to plead your case and to have ample documentation.
• Getting a new SSN is not easy as you have to prove that the theft of your SSN has caused you serious hardship in the form of denied home mortgages, problems with law enforcement or the IRS, or bad credit that can't be easily cleaned up.
• It is entirely up to the Social Security Administration to decide whether you can get a new number, so if they do not think you need a new SSN, you may not receive one. 
  
  

Will a new SSN make the identity theft problem go away?

• A new SSN will have a completely blank credit history, so getting credit will be difficult for a few years unless you link it to your old, compromised number.

• A new SSN does not mean the identity-theft problem will go away, as the old number will remain valid; you will have to keep monitoring it for future incidents, and government agencies or businesses will still link you to it.

• An old SSN never completely goes away, even if it goes dormant, as the Social Security Administration never invalidates an SSN once it has been issued. 
  
  

What other tips should I remember if my identity is stolen?

• While many stolen SSNs are used simply to gain employment, with no detrimental effect to the legitimate holders of the SSN, others may be used to defraud banks, retailers, the IRS, and other government agencies (e.g., unemployment benefits), which could negatively impact your credit rating.

• The Office of the Inspector General (Social Security Administration) recommends that you keep records of your correspondence and telephone calls, in addition to “other documents verifying your efforts to correct the problem.”
  
  

For more information or to set up a meeting to discuss how Citrin Cooperman can help protect your sensitive information, please reach out to Kevin Ricci.

Kevin Ricci, MCSE, CISA, CISM, CRISC, QSA Principal kricci@citrincooperman.com