Account Security Tips for Equifax Personal Identification Leak

Non-investing personal finance issues including insurance, credit, real estate, taxes, employment and legal issues such as trusts and wills
Post Reply
Posts: 8
Joined: Mon Feb 20, 2017 11:34 pm

Account Security Tips for Equifax Personal Identification Leak

Post by steve_giblets001 » Wed Sep 13, 2017 4:15 pm

In addition to freezing credit at 3 major companies, is anyone concerned about general security of wealth? A lot of people in this forum have significant savings in brokerages like Vanguard. I'm more concerned about someone stealing identity and then ordering ATM cards, spoofing phone number, or worse, draining accounts or placing unauthorized trades.

For brokerages like Vanguard specifically, how are people managing security now that your SSN is likely out there. I enabled 2-factor authentication on my email in case password resets get sent there.

I'm also using a password manager (keepassx) that has generated strong passwords (30 characters, random) for every online login I'm using. But that doesn't prevent someone from requesting password reset using ssn and/or phone number/address...

Any other steps people recommend to secure assets?
Last edited by steve_giblets001 on Wed Sep 13, 2017 4:37 pm, edited 1 time in total.

User avatar
Posts: 931
Joined: Sun Mar 27, 2016 6:25 pm

Re: Account Security Tips for Equifax Personal Identification Leak

Post by CAsage » Wed Sep 13, 2017 4:34 pm

Do the 4th Credit reporting agency Innovis and Chex Systems, which is used for opening bank/checking accounts.

I am also fretting/stressing about how to secure everything else - if all my data is out there! I just closed an unused credit card at my primary bank, so at least my checking/cash accounts no longer have credit card access. Closing several unused other department store Visas. I am looking into adding security questions to every account I care about, two-factor logins, thinking about creating a new more-secure email just for Vanguard and important password resets. Worried that if they steal my phone, they can send password reset texts there .... So many fears! Perhaps a glass of wine and a long run will help restore my zen.
Salvia Clevelandii "Winifred Gilman" my favorite. YMMV; not a professional advisor.

Posts: 793
Joined: Mon Nov 14, 2016 10:10 pm

Re: Account Security Tips for Equifax Personal Identification Leak

Post by Wakefield1 » Wed Sep 13, 2017 5:08 pm

If your account has password reset with security questions,use nonsense answers to the security questions (and write them down since you will never remember them)
Probably better if the account doesn't have password reset (unless by appearing in person and/or using public notary witnessed signatures or something)-would be a real problem if you lose the password
Use another password instead of your real name for a "user name" or "logon name"
Don't use/own a cell phone-does that help or hurt?

Posts: 1
Joined: Wed Sep 13, 2017 8:27 pm

Re: Account Security Tips for Equifax Personal Identification Leak

Post by hitemhard » Wed Sep 13, 2017 9:03 pm

This is such an important topic and I'm shocked to see that many people don't think about security and privacy much. I work in a professional environment and I'm surprised that many people in managerial positions haven't even bothered to check if they're affected.
I use LastPass as a pwd manager and I really like it. It works with all browsers and it's slick. It can generate random passwords for you and can also let you store notes, etc.
Here is some advice that hopefully will help someone:
a) double check all your online accounts and make sure your contact info is up to date. I was surprised to find an old inactive home phone number as my contact info on some online accounts.
b) Sign up for two-factor authentication on all websites that offer it and make sure you have the correct contact#
C) Setup alerts on all your bank accounts (or with banks that offer them). Some smaller banks still live in the 90's and don't offer alerts. I'd switch to a bigger bank if yours doesn't offer it. Setup alerts for any transactions that's more than $0. Yes, you'll get extra emails. But you'll know right away when something goes wrong.
d) Use a password manager and make sure your master key/pwd is strong/long enough.
e) I initially wanted to consolidate all my previous 401K's and investments accts into one single place. after this incident, I think I don't think it's good to leave your eggs in one basket. So if all your money is in one brokerage acct, I'd look into spreading it over 2-3 separate accounts (if feasible).

I know this advise should help minimize your risk. But this still won't stop someone who has all your private information from attempting to break into your brokerage account. They certainly can try reseting your password on sites that allow you to use an SSN. But they won't get the reset pwd email/text since they don't have access to your inbox. But they can certainly try other social engineering methods. They could sweet-talk someone in the call center, or come up with a story that their email was hacked and they want to update the current info. Who knows! These guys are pros! If they could hack Equifax, Sony, Target, Anthem, and many other big enterprises, I'm sure they can hack a brokerage account.

I hope this helps. I'm reading more and more about this and it's scaring me. I just hope that whoever stole the information isn't going to publish it on wikileak or some other public site. That would make things even worse in my opinion.

Posts: 1687
Joined: Tue Dec 21, 2010 3:55 pm

Re: Account Security Tips for Equifax Personal Identification Leak

Post by wrongfunds » Thu Sep 14, 2017 9:10 am

In light of the Equifax breach, NOT having set up online access to various mutual fund accounts in the past is turning out to be a big mistake now? I was under impression that NOT creating online account for mutual funds, I had one less thing to worry about hacking. I was keeping track of the monthly/quarterly paper statements.

User avatar
Posts: 3921
Joined: Wed Feb 19, 2014 10:11 am

Re: Account Security Tips for Equifax Personal Identification Leak

Post by DaftInvestor » Thu Sep 14, 2017 9:17 am

VictoriaF started a nice list in this post:

The additional step I am considering is to cancel my mint account (Although I have faith that Intuit takes security very seriously nothing is guaranteed) and no longer allowing any of these services (Quicken, Mint, YNAB, Personal-Capital) to have my sign-in info to pull my transactions. I do like to run reports against my cash-flow from time-to-time but may move over to CSV downloads and spreadsheets to do so. I know some folks on this forum have been saying this for sometime but I've really enjoyed getting the analysis without doing much work.

Post Reply