It’s hard to predict, but the potential for harm is huge, said Ana Anton, a professor in the Georgia Tech School of Interactive Computing. “When you are doing things in bulk like this, there are all kinds of things that can be done, things that we cannot really imagine.”
News of the breach got the attention of James Cochran, 24, of Smyrna.
He monitors his own financial activity. He gets a daily email of his debit card spending and text alerts when his credit cards are used.
While he worries, he said, he can’t stop being himself, can’t stop living and can’t stop being part of the vast, interconnected, digitized network of the economy. “The only cure is to live off the grid. And for 99 percent of Americans, that is not feasible.”
It is near impossible to pinpoint where data is stolen from. However, Equifax didn’t tell the public about the breach until months after it found out.
John Jahera, a finance professor at Auburn University, said he discovered fraudulent activity three separate times over the summer. And he thinks that’s because of the Equifax breach. First, there was an attempt to misuse his bank debit card, then applications for credit were made in his name. Finally, someone tried to change his address and forward his mail elsewhere.
“I suspect they were all related to Equifax, although I can’t prove that,” he said.
Jahera recommends aggressive counter-measures, like freezing your credit and monitoring your accounts. He thinks American consumers can expect a concerted campaign to steal millions or even billions of dollars with the Equifax data.
“When we move into the next tax filing season, I think we will see lots of fraudulent filings,” he said. “And I don’t know what you can do to prevent that. You deal with the IRS on that and it can be very slow. It can take six months to a year to be resolved.”
Hackers may steal data for themselves, but they may also sell it, finding buyers in the dark corners of the internet. However they get the information, scammers can then use it to coax more data from the unwary.
Even better for the criminals, they can operate from pretty much anywhere in the world.
But, once credit is frozen, crooks can’t get a new credit card or take out a mortgage in your name.
Still, that’s not an option for everyone.
“I have to get a car loan, so I can’t really get a credit freeze yet, can I?” said Debbie Fitzgerald, 49, of Cumming.
Then again, said Fitzgerald, “If my identity is stolen, then I really can’t get a car loan.”
And the danger is not temporary, since data can live online forever.
Certainly the crooks can be patient, said Keith Snyder, an industry analyst with CFRA Research. “This is data that is extremely permanent. They can sit on it without it losing value. I would say they’re waiting for the buzz to go down.”
Which means you’d better be ready, said Jeff Blyskal, who has been tracking data breaches as senior editor of Consumer Reports.
First, watch out for “phishing,” the legitimate-looking emails that ask you to provide information or passwords, or maybe to click on links, he said. “You need to expect that someone will try to use the data that’s out there to get more data.”
Whatever the hassle, he, too, recommends freezing your credit.
“The credit report is the front door to your finances, and you don’t want to leave that wide open,” Blyskal said. “The way identity theft crime works is like other crime works. The criminals are looking for the easiest way.”
Services that monitor your data and your identity are worth the money, he said. “Don’t panic, but take it seriously and take defense of your identity seriously.”
If you have to deal with an illicit attempt to use your credit, you should file a police report, he said. “You need to establish a paper trail.”
Consumers need to realize that the rules have changed and start playing the long game, experts say.
The vulnerability of databases like those at Equifax have opened the gates to a virtual tsunami of information about hundreds of millions of people who thought their lives were private.
There are names, addresses, health information, insurance details, Social Security numbers, personal and financial information, bank accounts and school records.
Maybe the hackers were just a small group of thieves, looking for a huge pool of data to use at their whim, said Georgia Tech’s Anton said. Or maybe they had a larger agenda .
“I imagine that if anybody went to the trouble of doing this, they had to have something in mind,” she said.
Staff writer Russell Grantham contributed to this story.
MYAJC.COM: REAL JOURNALISM. REAL LOCAL IMPACT.
AJC Business reporter Michael E. Kanell keeps you updated on the latest news about jobs, housing and consumer issues in metro Atlanta and beyond. You'll find more on myAJC.com, including these stories:
Never miss a minute of what's happening in local business news. Subscribe to myAJC.com.