If everyone affected by the University of Maryland data breach takes the school up on its offer for free credit monitoring, UM could be on the hook for $3 million, according to The Baltimore Sun.
However, Sun reporter Carrie Wells writes that the university doesn’t expect all those people to actually enroll in the service. My question is, why on earth not?
We’re not talking about credit card numbers here. We’re talking about names, birth dates and Social Security numbers — those little nuggets of information that definitively verify you are who you say you are. You can’t change your whole identity as nonchalantly as you can request a new piece of plastic to swipe at Target (or, you know, another retailer with a secure IT system.)
It is possible to change your Social Security number, but it’s a serious hassle. Plus, you can’t simply change it as a precaution; you have to prove to the Social Security Administration that you are experiencing ongoing problems because someone has been misusing your existing SSN (or that you’re trying to escape domestic violence and become a new person).
If the change is due to identify theft, you also have to show that you’ve exhausted all other means of stopping the slimeball who stole your info.
Even if you do jump through the necessary hoops to get a new number, you aren’t guaranteed a fresh start. Remember, the hacker(s) also know your name and birthday, which can be used to wreak all sorts of havoc on their own.
Plus, think of all the entities you’d have to inform of the change: governmental agencies, like the Internal Revenue Service and the Maryland Motor Vehicle Administration; your employer; your bank; credit card and utility companies and any other businesses that store your information.
And with a new Social Security number, your credit history will be wiped clean. That may make it harder to get a loan or open a new credit card.
Moral of the story? Take advantage of the free credit monitoring. The university is offering one-year memberships to the ProtectMyID Alert service from Experian Information Solutions Inc., according to an announcement on Friday morning. The alert service helps detect possible misuse of personal information and helps customers resolve identity-theft problems if they were to occur.
Individuals worried about whether their information was stolen can call Experian (1-866-274-3891) starting on Tuesday at 9 a.m. to determine if their records were compromised and to enroll in the monitoring service. They must activate the service by May 31. Customers will also be given access to Experian’s ExtendCARE service, which provides fraud-resolution support after the one-year monitoring membership expires.
Experian representatives are currently available to answer general questions. The hotline’s hours are: Monday through Friday from 9 a.m. to 9 p.m.; Saturday and Sunday from 11 a.m. to 8 p.m.