Hello Lemmy, this is my first time posting instead of commenting so if this is the wrong place or I’m formatting this wrong feel free to let me know how to fix it.

One of my healthcare providers (US) has just alerted me I’ve been affected by a Data breach (from February, so glad to see they took it seriously and alerted people quickly). The breach supposedly affects Full name, address DoB, and health information such as illnesses and medications. They have sent a 2 page information packet that gives recommendations such as calling the three creditors and a “free” 5 year subscription to an experian credit monitoring service. Upon checking the website they want my full name, DoB, SSN, Address, email, phone number, and I’m sure if they could my blood type and fingerprints.

What I would like to know is are these services they are providing me with “safe” for a threat model that involves keeping my information out of the hands of advertisers, bad actors and people who don’t need it? Do they already have this information and are just asking to verify who I am? I’d prefer not to have my identity stolen due to someone else’s computer having a security flaw. What’s my best course of action to preserve my privacy while not having my identity stolen?

Thanks for any help in advance.

  • Atom@lemmy.world
    link
    fedilink
    arrow-up
    27
    ·
    5 months ago

    Freeze your credit on all three bureaus. IIRC it is free for all of them, just don’t get tricked into enrolling in their credit monitoring service. You’re there to freeze and unfreeze your credit, nothing more. From then on, any time you apply for something that requires a credit check, you need to go thaw each credit bureau temporarily. They all let you schedule thaws, so just open it for a day, apply. And close it back up. Or however long your credit check takes.

    The premium service offered by these data breaches is pretty terrible. In some cases, they’ll have a clause that says if you accept, you can’t sue or be part of a class action suit. If you have a credit card with monitoring included, they will notify you way faster if your credit is run. My credit card companies email me within minutes of an application being submitted. The paid service I got from a breach years ago doesn’t let me know till about a week later.

    • Wave@lemmy.mlOP
      link
      fedilink
      English
      arrow-up
      5
      ·
      5 months ago

      Thanks for the information! I’ll get in contact with the creditors and put a freeze on and disregard the experian monitoring

      • Broken@lemmy.ml
        link
        fedilink
        arrow-up
        1
        ·
        5 months ago

        Yeah, other than freezing credit, there’s not much you can do. It’s a toothpaste out of the tube scenario. It’s basically too late. The offerings always suck and are basically only there so they can say they’re doing something for you.

        Other than that, harden your privacy in general. Yeah, it doesn’t help for breaches like this because you can’t hide from your doctors, but simple things like having an alternate email address makes it a tiny bit better.

        • Wave@lemmy.mlOP
          link
          fedilink
          English
          arrow-up
          2
          ·
          5 months ago

          I use randomly generated aliases for every service I use ;P