If your data was exposed in one of the many recent breaches (AT&T, Change Healthcare, National Public Data), here's exactly what to do. These steps are Texas-specific.
Immediate actions (do all of these today):
-
Freeze your credit at all three bureaus. Free under federal law.
- Equifax: equifax.com/personal/credit-report-services/credit-freeze
- Experian: experian.com/freeze
- TransUnion: transunion.com/credit-freeze
-
Freeze ChexSystems (bank account fraud): chexsystems.com
-
Set up IRS Identity Protection PIN: irs.gov/identity-theft-fraud-scams/get-an-identity-protection-pin. Prevents fraudulent tax returns.
-
Enable two-factor authentication on everything. Use an authenticator app (Google Authenticator, Authy), NOT SMS.
Texas-specific resources:
- File an identity theft report with Texas AG: texasattorneygeneral.gov/consumer-protection/identity-theft
- Texas Identity Theft Enforcement and Protection Act (Business and Commerce Code Chapter 521) — Requires businesses to notify you within 60 days of a breach.
- Free annual credit reports: annualcreditreport.com (federally mandated)
Monitoring:
- Credit Karma (free) — monitors TransUnion and Equifax
- Many breached companies offer free Experian monitoring — take it
If identity theft has already happened:
- File a report at identitytheft.gov (FTC)
- File a police report with your local PD (you need this for disputes)
- Dispute fraudulent accounts with each bureau in writing (certified mail)
Sources:
- FTC — identitytheft.gov
- Texas Business and Commerce Code, Chapter 521
- Texas Attorney General — identity theft resources
- IRS — Identity Protection PIN program
Freeze your credit. It takes 10 minutes. There is no downside.
Hot take or facts?
SMS two-factor is basically useless now. SIM-swapping attacks defeat it. Use an authenticator app or hardware key.