Your personal financial information has been hacked.

More than 143 million Americans were made vulnerable by the recent Equifax breach, and you are most likely one of them. That means your Social Security number, birth date, driver’s license data, credit card numbers, and bank account numbers are out there in the hands of hackers…soon to be auctioned off to the highest bidder.

And it’s not just this massive data theft that’s potentially put your private information at risk.

Already this year, the “Shadow Brokers” (allegedly) stole and sold classified NSA materials. WannaCry and Petya ransomware attacks disrupted power grids, major corporations, banks, and hospitals. Cloudflare (the company that offers security for things like OKCupid and FitBit customers) reported a major data leak. Nearly 200 million U.S. voter records were hacked.

Face it: Your personal data is not guaranteed safe anymore…no one’s is. And you could lose everything. Unless you take concrete steps to protect your financial future.

So it’s more important than ever to do these 10 things to protect your financial information.

  1. Protect your hardware. Update the security protocols on all of your devices right away, and keep security software active at all times. Log out of your bank, brokerage, and online shopping accounts when you’re done on the sites. Password-protect your devices…especially if you frequently use them in public settings. And to keep your files safe from ransomware attacks, back them to an external device (like a flash drive).
  2. Reset your passwords regularly. For financial accounts, change your passwords every 90 days, and always use different passwords for different accounts. Your best bet is to use pass-phrases that are easy for you to remember (like song lyrics or favorite quotes). And any time you can, use two-step authentication, a more secure process that requires you to enter a code that’s been texted (or emailed) to you each time you login.
  3. Use encryption. Always look for the “lock” icon in your secure browser’s status bar before you enter your password. That lock along with the “https” heading ensures that your data will be encrypted as it’s transmitted. Every page on the website, and not just the login page, should have the “https” and the lock, or your information may not be secure.
  4. Avoid unsecured wi-fi whenever you can. And never use an unsecured wi-fi connection to login to a password-protected account – especially in hotels and airports, where thieves hang out just waiting to grab your vulnerable info.
  5. Secure your apps. If you have financial apps, turn on their highest security settings.
  6. Get and review your credit report. Every year, you can get FREE copies of your credit reports year from all three of the main credit reporting agencies: Experian, TransUnion, and Equifax. Go to to get your free reports, and review them very carefully, keeping an eye out for any activity that isn’t yours. If you see fraudulent transactions (or mistakes) on any of the reports, let the credit agency know right away (you can do that right on their website).

    Identity thieves target your children, too. Protect your kids by checking to see if they have credit reports, especially if you think they may be fraud victims. The process is a little more complicated than checking your own credit, but it will help protect their financial futures. Click here to learn how to check your child’s credit.


  8. Guard your credit. If you think someone may have gotten their hands on your information, which probably happened in the Equifax breach, put a fraud alert or a security freeze on your credit reports immediately. Fraud alerts – which require creditors to verify your identity before extending any new credit, issue new credit cards, raise a credit limit, open a credit line, or offer a loan – last for 90 days. A security freeze is even stricter: no one can take out credit in your name or even check your credit without knowing your secure PIN code. (You can temporarily lift the freeze if you need someone to check your credit). The freeze stays in place until you decide to remove it.
  9. Post cautiously on social media. Criminals troll social media sites for your pet’s name, your favorite band, where you went to elementary school…the kind of information in challenge questions that let you access accounts when you’ve forgotten your password. Limit the people with access to your personal page – especially if you vacation a lot and like to post while you’re away (criminals will know you’re not home). And never post your social security number, your full name, or your home address on a public site.
  10. Read your account statements. Whenever you get a bank, brokerage, or credit card statement, read it. If anything looks unfamiliar or fishy, report it right away.
  11. Get a lockbox and a shredder. Put crucial financial documents (like previous years’ tax returns, savings bonds, etc.) in a lockbox or safe deposit box. Any paperwork with identifying personal or financial information that you don’t want to keep should be shredded. Opt out of pre-approved credit card applications (which criminals steal to open accounts in your name) at

By taking these security steps, you’re making it nearly impossible for the fraudsters to win. Protect your identity and your financial future by doing as many of those as you can.