Media Center

October is Cybersecurity Month: See 10 Steps To Protect Yourself After Identity Theft by PB&L Attorney Tammy Georgelas
October 18, 2018

Theft of personal or professional information can be devastating for victims, leaving them to wonder what to do next to mitigate damage to their credit, reputation and even their families. PB&L attorney Tammy Georgelas lays out 10 steps that should be taken immediately after learning you may have been a victim of identity theft. 

10 Steps to Protect Yourself After Identity Theft

1. Notifty your affected banks and credit card companies

Immediately contact each financial institution that has been affected, dispute any improper charges and ask to lock or close the account. If someone uses your ATM or debit card, your liability depends on how quickly you report it. Under the Electronic Fund Transfer Act, you must report the theft within two business days of discovering it to limit your liability to $50. For the next 60 days after the statement reflecting the fraud is mailed, you are liable for up to $500. After 60 days, a bank is not required to reimburse you. Credit cards are more forgiving. Most have zero-liability policies, and the Fair Credit Billing Act limits your liability for unauthorized charges to $50.

2. Place a fraud alert on your credit reports

Review your reports from each of the three major credit reporting agencies for any unknown accounts and alert the agency to suspicious data. You may obtain a free copy of your credit report from each agency once every 12 months by visiting or calling toll free (877) 322-8228. Contact information for the agencies is:

(888) 397-3742
535 Anton Blvd., Ste. 100
Costa Mesa, CA 92626    

(800) 680-7289 
P.O. Box 2000   
Chester, PA 19016     

(800) 685-1111
P.O. Box 740241
Atlanta, GA 30374

Even if you do not find any suspicious activity on your initial credit reports, the FTC recommends that you check your reports periodically. Thieves may hold stolen information to use at different times. Checking periodically can help spot problems and address them quickly.

3. Scour all three credit reports

This alert informs creditors of possible fraudulent activity within your report and requests that the creditor contact you prior to establishing any accounts in your name. An initial fraud alert is free and will stay on you credit file for at least 90 days.

4. Consider placing a security freeze on your credit files

This will prevent new credit from being opened in your name without the use of a PIN number that is issued to you when you initiate the freeze. Consider whether this is the right choice for you, because using a security freeze may interfere with or delay your ability to obtain credit when you need it. You can always release the freeze if necessary. Note that you should place a security freeze on your credit file with each separate credit reporting agency.

5. Protect your children

While safeguarding your own accounts, review those of your children as well. Thieves can wreak havoc with a minor’s credit for years before being discovered.

6. Review credit cards and bank statements for other unauthorized charges

Remain vigilant by reviewing your account statements immediately. If you detect any suspicious activity on an account, promptly notify the financial institution where the account is maintained.

7. Report the identity theft to the Federal Trade Commission (FTC)

Report the theft at Additional tips by the FTC on how to avoid identity theft are provided on the same website. Identity Theft: A Recovery Plan, is an excellent resource to help you deal with identity theft and can be found at:  

8. Contact your local police department

In addition to filing a report with the federal government, contact your local police department. While they may not be able to do anything if your identity was stolen by criminals online, your report could help them track down someone who is stealing information locally. Make sure the police report lists all accounts with fraudulent activity, and give as much documentation as possible. Keep a copy of the report for your records.

9. Upgrade your passwords to passphrases

Update your passwords to all online accounts, and consider converting to a personal passphrase that has meaning to you, such as: “Laziness means more work in the long run.” This passphrase is long, complex and includes special characters that make it harder to decode. It is also much easier to remember than a convoluted password.

10. Enable multi-factor authentication

Multi-factor authentication (MFA) is a security system that requires two or more methods of independent authentication to verify your identity before allowing access. Examples include providing something you know, e.g. a passphrase, with something you have, e.g. your cell phone, or something you are, e.g. your fingerprint. MFA can be enabled with most financial institutions and on popular websites like Google, LinkedIn and Facebook.

To contact Tammy Georgelas and learn more about her practice, click here.