Identity theft is a growing concern for business owners, but many are unsure of what actions to take if they become victims themselves. It is crucial to know how to respond promptly in order to minimize any potential damage. According to Javelin’s 2020 Identity Fraud Survey, 13 million American consumers fell victim to this crime in 2019, resulting in losses of nearly $17 billion. When hackers gain access to your business’s information or your clients’ personally identifiable data (PID), they can engage in illegal activities, such as making unauthorized purchases, opening new lines of credit, or even fraudulently claiming tax refunds.
Even if you have a reliable identity theft protection package in place, there are additional steps you should take if your business’s data is compromised. Time is of the essence, as it takes an average of 280 days for victims to detect a data breach, according to IBM. This statistic highlights the importance of acting swiftly. However, the most effective measures you can take are preventive ones.
As you may already know, identity thieves often sift through garbage or steal mail to gain access to their victims’ data. Therefore, it is crucial to securely dispose of any correspondence containing personal details. Since many cases of identity theft occur online, it is also essential to take precautions to secure your home and work networks against data breaches. Regularly changing passwords for all online accounts and using random strings of numbers and letters is a vital step.
Additionally, consider installing robust antivirus software and opting for a virtual private network (VPN) that ensures anonymity while browsing the internet.
Step 1: Contact the relevant fraud departments If you suspect that you have fallen victim to identity theft, it is natural to feel overwhelmed with stress and anxiety. Fortunately, most banks and credit card companies have dedicated fraud departments with trained advisors to assist you. Contacting these departments should be your first course of action. They will likely freeze your account, cancel your cards, and work with you to change your security details.
Even if you do not have access to paper statements, you can find relevant phone numbers online. If the fraud involves the use of your Social Security number, it is recommended to notify the Internal Revenue Service as well.
Step 2: Notify your identity theft protection company If you have an identity theft protection policy, it is important to report the incident to the company that provides your coverage. These service providers will work to restore affected accounts, which can significantly reduce your stress levels. Services may include freezing your credit, canceling issued cards, and arranging for replacements. Depending on the policy, the company may also cover associated legal costs.
Step 3: Report the crime to the police/FTC While your priority may be limiting financial damage and protecting your future credit, it is crucial to remember that identity theft is a serious crime. File a report with your local police department to alert the authorities and create a paper trail for potential further investigation. Additionally, report the incident to the Federal Trade Commission (FTC), which monitors identity theft data. The FTC can collaborate with government agencies and help create a personalized recovery plan.
Step 4: Run a credit check If your PID has been stolen, it is likely that multiple accounts have been affected. The most effective method to check for anomalies is to run business credit checks with major credit reporting bureaus such as Equifax, Experian, and Dun & Bradstreet. It is also advisable to check your personal finances by consulting Experian, Equifax, and TransUnion. During this process, you can request a fraud notification to be added to your file, alerting potential borrowers to your past identity theft.
Step 5: Gather evidence Despite feeling overwhelmed, providing as many details as possible about your business’s account to relevant fraud departments will strengthen your position. Thoroughly explain why you believe you have fallen victim to fraud and maintain a record of your activities during the period of the incident to demonstrate your innocence.
Step 6: Get everything in writing In the unfortunate event that you find yourself struggling to prove your innocence, it is crucial to keep detailed records of your conversations with company representatives. Take note of the employee’s name and call time. Additionally, send follow-up emails to confirm the details discussed and request a confirmation of receipt from the company.
Step 7: Seek specialized legal advice If you can afford it, consult a lawyer experienced in handling identity theft cases. The companies involved in the fraud may not automatically believe your version of events, and you may find yourself being treated as a suspect. Furthermore, your lawyer can assist in dealing with alleged creditors on your behalf.
Step 8: Notify affected clients As a business owner, you hold a position of trust, and your clients may have shared their PID with your systems. If a data breach occurs, it is essential to inform affected individuals promptly so they can take necessary steps to minimize damage to their own identities. Seek legal advice and consult your PR department, if available, as such incidents can lead to reputational damage and potential legal implications.
In conclusion, it is natural to panic when faced with identity theft, but there are steps you can take to mitigate the damage and restore your company’s financial well-being. It is important to practice good cyber hygiene even before a breach occurs, such as regularly changing passwords and investing in identity theft protection software. Remember, prevention is the best defense against identity theft.