ID thieves like to find SSNs for minors because they know it’s a clean number with no adverse information. They can open accounts in the child’s name and exploit them for years – maybe until the child starts applying for financial aid for college.

Check your own credit report regularly. You are eligible for a free report every 12 months from each of the three major credit reporting agencies through annualcreditreport.com. I recommend looking at one of the three every four months – you get an 80% view but three times as often.

At the same time, check your kids’ credit reports. You can’t use the same online site, though. You’ll have to send a physical letter to the credit reporting agency. Be sure to include your child’s complete name, address, date of birth, a copy of the child’s birth certificate and social security card. You’ll also have to send a copy of your driver’s license and a current utility bill containing your current address. If everything is clear, you’ll get a letter back that they can’t find a record for that ID.

According to ECMC, the stolen information was on a portable media device. In the words of their spokesman Paul Kelash, “It was simple, old-fashioned theft. It was not a hacker incident.” More proof that the simple threats are still the most serious. The company does use key-card control of their physical facility but has not yet released how the theft was accomplished. It’s rarely hard to tailgate into a building then walk out with a thumbdrive.

Notices have not gone out yet so we don’t know if it’s just current loan holders or if the breach included information on closed accounts as well. ECMC is the designated guarantor for loans in Oregon, Virginia and Connecticut which I interpret to mean that you may be at risk if you got your loans through schools in those states. But the way those documents get shared around, any of us with loans could be at risk.

If you haven’t checked your credit report lately, this is a good excuse to do so. You are eligible for a free copy of your credit report every 12 months. Be sure to go to the official site (not the deceptive site with the goofy adds and “free” in the domain name). And remember that you can check just one of the three credit reports, saving the other two for 4 and 8 months later respectively.

If you remember, Lifelock’s CEO posted his real Social Security Number on billboards and buses around the country His identity was subsequently stolen but that didn’t stop the company from continuing to advertise that its services would “prevent identity theft”. The company promised far more than any company could ever really deliver. Especially since the primary ‘defense’ that they put in place for their customers was a credit alert, something which any consumer can arrange him/herself for free. Those month charges added up to a lot of money for a couple of stamps and a note on your calendar.

In the settlement, the company admitted no wrongdoing but they’ve said that they have “changed their business model”.

If you haven’t checked your credit report lately, you should. Remember that you’re entitled to a free copy every 12 months (and go to the legitimate site, not the scam site with “free” in the domain name). If you think you’re at special risk of ID theft, consider implementing a credit alert or even a credit freeze. Don’t forget to check the credit reports of at-risk family members (children and dependent elders) while you’re there.

You are entitled to a free copy of your credit report (though not your credit score) every 12 months. Follow the instructions at www.annualcreditreport.com to request your credit report from each of the three major credit reporting agencies. (Stay away from the scam site that runs the goofy adds and has “free” in the domain name. They are anything but free.)

When reviewing the credit reports, look for:

• adverse actions on your accounts that might indicate that you have been a victim of identity theft
• accounts that have been opened in your name without your knowledge. Even if the identity thief is making the payments regularly, the account could still be in use for illegal activities.

If you find a discrepancy, follow the specific instructions on the website to dispute any incorrect information.

Some other suggestions:

• Don’t forget to check the credit reports of your immediate family members, especially minor children and dependent elders. Both of those groups are at elevated risk of identity theft.
• Remember that you are also eligible for a report every 12 months from any of the specialty agencies which have information about you.
• If you want more frequent feedback on your credit history, consider asking for your free copy from only one of the major credit reporting agencies at a time. Space the requests for the other two agencies out every four months. For example, you could ask for your free copy from Experian in March, your free copy from TransUnion in July and your free copy from Equifax in November. Once you start, you will have to keep the same rotating pattern. Schedule the requests on your calendar.

Note: Several people have asked my opinion of credit monitoring services. I do not consider them worth the money if you are taking the regular precaution of checking bank and credit card statements and are reviewing your credit report at least annually. They might be useful if you are a recent victim of identity theft or are in some other high-risk category but they’re overkill for most of us.

Under federal law, you are entitled to a free copy of your credit report every 12 months but the credit reporting agencies charge extra for the actual credit score (the number between 300 and 850 or so). The report is useful for finding and cleaning up identity theft but not much use when you’re planning to buy a car or a house. Lots of scam sites offer your credit score but you have to sign up for expensive and usually unnecessary monthly fees to see it.

CreditKarma actually lives up to their promise. They will get your actual credit score and show it to you for free. They make their money through advertising. As long as you’re willing to wade through the ads…

Better, they have a “Report Card” to show you how your score and its different components stack up to the rest of the population. (I did okay on most components but was surprised to learn that my score was hurt by not having enough accounts with different lenders. Consolidation makes keepng track of the family finances easier but apparently there are costs to that decision.)

CreditKarma also has a simulator that can give you an idea how certain actions will change your credit score. For example, if you pay off a credit card balance, you can see how much your score would likely increase. (The simulator was a little glitchy the day I tried it but it’s a great idea.)

You will have to give them some identifying information (including your SSN) but their privacy policy looked strong and their CEO has made public commitments about their approach to privacy.

A couple of quick caveats. First, this site will not necessarily give you the exact FICO score that’s used by your bank. Each credit reportig agency uses a slightly different algorithm (and your score can vary a little from day to day dependng on your financial activities). CreditKarma’s score is based on TransUnion data and will still give you a good sense of your credit standing even if it’s not exactly the same number your bank uses. Second, some of the ads look a lot like the informational parts of the webpages. Be especially careful to read the fine print if you follow any of their links. It’s not hard to slip from their site to one of their advertisers’ without noticing it.

Overall, I was very impressed with the ease of using the site and with the usefulness of their information. Everything was well explained and clearly laid out. I plan to continue using the site to supplement my regular reviews of my credit report.

The first thing is to take a deep breath. Breach disclosure letters can be intimidating but don’t panic. Take the time to figure out what, if anything, you should do. Read the disclosure letter itself very carefully. The disclosure letter should have some details about the breach. It may be enough to show that the breach didn’t apply to you. (I got a letter recently about my son’s medical information. Based on the dates in the letter, I knew that the breach couldn’t have affected him.) If you want more information, look on the internet. Check out the company’s website but also look for independent news reports. Be cautious about the blogs and other unverified sources, though. Look specifically to see what information is at risk. Also try to figure out whether the information was stolen or merely lost. If it was stolen, the odds are much higher that the information will be misused.

If you think it was stolen, start watching your accounts carefully, especially if the compromised information included bank or credit card numbers. Check those accounts online daily, looking for unauthorized transactions. If you see something suspicious, call your bank immediately.

If you haven’t done so recently, request a copy of your credit report. You should be in the habit of checking it regularly. Be extra vigilant for a cycle or two after receiving a breach disclosure letter. If the thief is going to abuse your account, it will probably only be for a few large transactions sometime within 3-6 months of the theft.

If your Social Security number has been compromised, strongly consider calling the three major credit bureaus to put a fraud alert on your records. When reviewing your credit report, look particularly for new accounts opened in your name. If you feel you’re at a particularly high risk, you can also implement security freeze, though the costs may outweigh the protections for most people.

If the breach disclosure letter says that you are eligible for credit monitoring, think about that. Personally, I don’t believe they will do anything for me that I’m not already doing for myself for free since I already monitor my credit report. I don’t want to put my personal information in the hands of yet another company just so they can do the same thing. Worse, some of these monitoring services put into the contract that they will automatically renew you (for fee) when the free period runs out. I don’t want to have to remember to turn off the monitoring in a year. But if monitoring will help you sleep better at night, consider it.

Finally, if you’re an actual victim of identity theft ( not just credit card fraud), you do want to call the police and file a police report according to Paul Stephens, director of policy and advocacy for the Privacy Rights Clearinghouse. Keep a copy of the police report for your records. You’ll need it to prove your innocence as you attempt to clean up your credit reports. Follow the instructions at the credit reporting agency’s website to dispute incorrect information.

Even if your state does not have a credit freeze law, the three major credit reporting agencies now offer freezes voluntarily. To institute a credit freeze, you generally need to send a written request to each of the three major credit reporting agencies. The specific instructions vary from state to state. You can find links to each state’s instructions at ConsumersUnion.org. The states allow the credit reporting agency to impose a fee to initiate the freeze (usually $5-10 per credit reporting agency but often free to confirmed victims of identity theft) .

If you do freeze your credit report, you will have to lift the freeze whenever you want credit. Under almost all the state laws, you’ll have to pay again each time you want the freeze lifted. This can make opening a new account or even changing your existing service more difficult and expensive. When you apply for the freeze, you will be given the instructions and PIN needed to lift the freeze. In some cases, you’ll have to lift the freeze yourself – in others, you might be able to authorize the merchant to do it for you. Either way, it will take some extra time. It will also make you ineligible for “instant credit” unless you lift the freeze before going to the store.

The credit freeze laws have implications for businesses that use credit reports for purposes other than lending (such as evaluating underwriting risk). Unless the state law has explicitly carved out that usage as allowed (and many but not all states did for underwriting), the business should expect extra paperwork and several extra steps in the process to get permission to view the consumer’s credit report. The law varies from state to state. Check with your corporate counsel for details.

As a consumer, you should also know that a credit freeze will not necessarily keep you safe from identity theft. While most reputable creditors will check your report before issuing credit, some don’t. Identity thieves can still exploit those situations, knowing that you will have to pay the consequences. A credit freeze also will not protect you from exploitation of existing accounts.

If you are at increased risk of identity theft and already have a house, car, phone service and the credit cards you need and you see no near-term need to refinance any of them, a credit freeze might be appropriate for you. If you have few risk factors or will need to legitimately seek credit for yourself soon, a credit freeze could be more trouble than it’s worth. Personally, I do not have a credit freeze on my account. I take normal precautions to make my identity hard to steal in the first place (I have a shredder and use it, I don’t leave financial documents like credit card bills on the kitchen counter, I don’t keep my SSN in my wallet, I use strong passwords, etc) and I check my credit report regularly. To me, the incremental protection of a credit freeze is not now worth the extra hassle and expense.

This is your annual reminder to request your credit report. Under the Fair and Accurate Credit Transactions Act (FACTA), every consumer is eligible for a free copy of his/her credit report every 12 months. Follow the instructions at www.annualcreditreport.com to request your credit report from each of the three major credit reporting agencies.

When reviewing the credit reports, look for:

• adverse actions on your accounts that might indicate that you have been a victim of identity theft
• accounts that have been opened in your name without your knowledge. Even if the identity thief is making the payments regularly, the account could still be in use for illegal activities.

If you find a discrepancy, follow the specific instructions on the website to dispute any incorrect information.

Don’t forget to check the credit reports of your immediate family members, especially minor children and dependent elders. Both of those groups are at elevated risk of identity theft.

Remember that you are also eligible for a report every 12 months from any of the specialty agencies which have information about you.

If you want more frequent feedback on your credit history, consider asking for your free copy from only one of the major credit reporting agencies at a time. Space the requests for the other two agencies out every four months. For example, you could ask for your free copy from Experian in March, your free copy from TransUnion in July and your free copy from Equifax in November. Once you start, you will have to keep the same rotating pattern. Schedule the requests on your calendar.

Unfortunately, if you discover family-related identity theft, there are few good solutions. Most of the legal protections that you have as an identity theft victim will require that you file a police report. The police report could lead to prosecution and even jail time for the offending family member. Few families are ready for the emotional difficulties of prosecuting the case.

Occasionally, a lender will let the victim off the hook without a police report if the thief admits to the deed and commits to making payments and has the means to do so, according to Linda Foley of the Identity Theft Resource Center. The family typically needs to hire a lawyer to conduct the necessary negotiations and to draw up the paperwork.

If you live in a “credit freeze” state (OH is not one yet), you can at least stop further abuse of your identity by putting a freeze on your account and on the accounts of the rest of your family. Freezing your account may not require a police report. Check your state laws for more.

Prevent identity theft in the first place by buying a shredder, locking up or filing bills and statements with personal information and checking your credit report regularly. You can request your own credit report online for free every 12 months. Don’t forget to check your family members’ credit reports at the same time. Children and dependent elders remain high priority targets for identity thieves. (Note: Requests for the credit report of a minor under age 13 must be submitted in writing on this form and with the identifying documents listed here.)

Credit Report reminder: For those of us on the “trimester plan” for reviewing our credit reports, it’s time to ask from for your free copy of your credit report from the next agency.

When reviewing the credit reports, look for:

• adverse actions on your accounts that might indicate that you have been a victim of identity theft
• accounts that have been opened in your name without your knowledge. Even if the identity thief is making the payments regularly, the account could still be in use for illegal activities.

If you find a discrepancy, follow the specific instructions on the website to dispute any incorrect information.

Don’t forget to check the credit reports of your immediate family members, especially minor children and dependent elders. Both of those groups are at elevated risk of identity theft.

Remember that you are also eligible for a report every 12 months from any of the specialty agencies which have information about you.

If you want more frequent feedback on your credit history, consider asking for your free copy from only one of the major credit reporting agencies at a time. Space the requests for the other two agencies out every four months. For example, you could ask for your free copy from Experian in March, your free copy from TransUnion in July and your free copy from Equifax in November. Once you start, you will have to keep the same rotating pattern. Schedule the requests on your calendar.