WORD TO THE WISE: Are you affected by the latest government data breach?
The U.S. government's Office of Personal Management has been notifying those affected by a recent cyber security breach that their personal data was compromised. Unfortunately, scammers are also "notifying" consumers. Here's how to identify a real government-issued notification letter and the signs of a scam.
So how do you spot the real letters from the Office of Personal Management? You don't have to be a U.S. federal employee to receive a notification from the office. The breach was wide-reaching, and there are many ways your personal information may have been included. Common ones include:
Past and present federal employees;
Spouses and other co-habitants listed on federal background investigation applications;
Applicants for a federal job;
Those who worked or volunteered with a federal agency but are not federal employees.
Real letters contain a 25-digit PIN to register for credit and identity monitoring services. Make sure your PIN is real by entering it at opm.gov/cybersecurity. It also would include instructions to visit the website opm.gov/cybersecurity to get more information and sign up for monitoring.
Unfortunately, scammers love to take advantage of large government initiatives. Be on the lookout for scammers attempting to cash in on this effort:
OPM will not contact you for personal information. OPM, or anyone acting on its behalf, will not contact you to confirm personal information. If you are contacted by anyone claiming to represent OPM do not share your information.
Email is not used in this round of notifications. OPM did email to notify those affected by the breach this past summer. This time, they are sending letters by U.S. Postal Service. An email claiming otherwise is a scam.
Lost your PIN or didn't receive a letter? If you have not yet received a letter but think you have been affected, you can contact the verification center at opm.gov/cybersecurity or by phone at 866-408-4555.
You can learn more about this data breach and the U.S. government efforts to notify those affected on OPM's website. It is also important to be vigilant in protecting your identity from the many other data breaches that will occur in the future. BBB offers these tips for consumers who are concerned about proactively protecting their identity:
Consider taking a preemptive strike by freezing your credit reports. This will not impact existing credit cards and financial accounts, but will create a roadblock for thieves seeking to create fraudulent accounts using your personal information. Security freezes should be completed with each of the three credit reporting agencies, Experian, Equifax and Transunion.
Vigilance is key. Regularly check your credit reports at annualcreditreport.com for unauthorized charges or other signs of fraud. Note: This is the only free credit report option authorized by the Federal Trade Commission.
Protect personal information. Shred all statements and applications you get in the mail you don't want to keep.
Connect with care. Use caution when logging on to public Wi-Fi hotspots and send personal information only to websites that are fully encrypted.
Expect scammers to take advantage of this data breach to send out phishing emails and other messages that appear to be from Anthem, a credit bureau or other legitimate companies. Do not click on links from any email, text or social media messages about this or any other data breach.
We have to face the fact that data breaches are now a part of our lives and prepare for them early because it isn't a question of whether you'll be affected, but of when you'll be affected.
This story was originally published December 21, 2015 at 9:45 PM with the headline "WORD TO THE WISE: Are you affected by the latest government data breach? ."