Oh there is so much to update.
I had a meeting with my coworkers yesterday and encouraged them all to check their scores and even consider freezing their credit. CPAs have good credit scores and don't use their credit much (at least the people in my office) so I wanted to let them know they could freeze it. I have to say if it had happened to someone else I would not have been so game to pay $30 every time I may want to unfreeze my credit in the future ($10/bureau). BUT having been here, it is probably a small price to pay. IT also probably warrants a lot of letter writing to congress. Why consumers have to pay to protect their identity. It is just a little ridiculous if you ask me...
I called AICPA and they said "no one has reported any ID theft." Yeah right! Not one CPA in all of the US has had their identity stolen in the last 18 months? Whatever. I filled them in and they put a note in my file. If this is a CPA problem though I imagine I will find out eventually just keeping up to date with friends and co-workers. For their sake I hope not. AICPA seemed very unconcerned as far as they were concerned because it had been about 18 months since the security breach, and a year since they informed us. I guess once a year is past you just are s'posed to forget that your data is lost out there somewhere???? I don't follow the logic.
I was kind of surprised how open my boss was to me doing a quick meeting (it is deadline today and VERY busy) but he just was SO concerned. Since I have been a CPA we use pin #s to sign returns and I actually suggested everyone in the office get a pin # when I joined this firm in 2001. Anyway, he mentioned yesterday that his social security # was all over tarnation from the millions of tax returns that he had signed over the last 30 years or so. I mean all you need is one idiot client to toss their tax return in the trash, and there you go. HEck, a photocopy place called my office one day when I was the only one there and so I was answering phones and they said they had a client's tax return. They had forgotten it. I called the client immediately and we all talked about at work how they were lucky an honest employee found it. But to think our own info used to be at risk when clients did stupid things - *shudders*
& I think it was interesting to point out that I am pretty guarded with my info but it still got out somehow. I just wanted to make sure everyone was checking their reports and that they should do the fraud alert (it is very easy to do) in the case it does stem from AICPA.
Anyway, my coworker had some interesting insight. Her last boss's identity was stolen and she had 2 interesting tidbits. One - the detectives said usually identity thieves sit on data for a year before they start using it (wait for the smoke to clear in case the theft is caught, etc.). Which is very interesting and why I am more annoyed at AICPA's indifference. IT was interesting to hear that is the actual pattern of ID theft - waiting a year - which makes the AICPA look more like where this could stem from.
Also, in this case they found out right away but the ID thieves tried to change the mailing address 2 weeks after applying for the credit. Because of this they were able to CATCH them. I have been at a loss as to why they would use my home address and wonder if that is something they plan to do. Rather interesting...
Then again I got home last night and guess was in the mail - a new credit card from Lowes. The only good I can see from this is the ID thieves hopefully wanted to run up a bunch of credit and then run. & not cause me any further headache. Well I can hope. Why else would they just have the card sent to me. I would have found out so fast regardless. I hope this means they are done...
I signed up for the monitoring but it takes 7-10 days to start up or something. Then again I probably won't get all the paperwork from all the cards until then anyway. We'll see... All I can do is wait at this point.
Oh we were also talking about in our meeting how the key was they seemed to have my birth date too. I am not sure how easy it or hard it is to find that info once you have the rest of my personal info (probably easy) BUT we did discuss that we should never give our SS# OR our birth date to anyone who really doesn't need it. What I wonder is if I use a birthdate with the same month and year but a different date, does it really matter for most things? I don't know. Just another interesting point as I had input my birthdate on SavingAdvice when I signed up and later changed it to a phony date once the topic came up here that that is TMI. I had never really thought about it before, but I will guard my true birth date like my SS# from now on - for the most part.
& yes my coworker offered to do free notaries for me. My bank would have been $10/document. Not terrible, but not great either. I'll take free. The funny thing is she is rather elderly and I have been thinking of becoming a notary anyway to make some side money. My boss would probably pay for the classes and stuff if I offered to help her/take over for her. But yesterday she starts telling me notary horror stories. LOL. All these clients coming in for free notaries (as it is offered as a free service by my boss) and coming in needing 50 at a time, etc. I came home and told dh nevermind. I said who will I get free notary service from if I am "it"??? I'll let someone else take over that whole thing - hehe. Of course hopefully I never need another notary again. Yeesh.
Well in 2 weeks I will probably filling out a lot of paperwork. I am also waiting for my final police report to do my credit freeze. I did hear you should demand to go to the police in person for a report. as for here, they really wanted me to do it online and it is convenient. I could hardly argue. The police shortage out here is insane - like they truly have time for this. You hear it takes 30 minutes to respond to a 911 call and they ignore calls about potential kidnappings. I am just not interested in wasting their time with something that can be done online. What are they really going to do anyway??? Does it matter if I go in person? Is is really going to be hard to dispute that I didn't open a card at Lowes and max it out in Indiana on Monday? I was at work all day!
I also wonder if this mess would be worse or harder to clear up if they had changed my address before I found out. Oy vey.
Well, we'll see..
Oh finally, I had one more clue. My credit report has an "l" in my street name instead of an "i." Apparently the thieves used "l"s. I know a few of my bills come to the address with an incorrect "l" but not very many. I am not sure if it means much though. The problem is "i" gets mistaken for "l" so much. I think it will be interesting to see the original applications and see if we can determine if they used l or i. If it is obvious what they intended to use. It could be a clue. Or it could just mean nothing. When we bought the house they told us the wrong street name because someone misinterpreted the i. ??? I found it interesting though since I read off my address to all the companies but Express read it off to me with the "l" so it got the wheels turning in my head. I will check for one what AICPA has for my address. Hmmmm...
Archive for July, 2007
Oh there is so much to update.
I just got off the phone with Express. The reason Express called me was not because they were so on the ball BUT because the ID thieves were really dumb and used my phone #.
Anyway, I just called them and chatted with them and get this. The amount charged up on this card was $0!!!!! They were stupid enough yes to issue the card. BUT you can't really fault them for that. However, the first charges were suspicious and so they DENIED them. They then called me.
Which means there was a $0 balance. OMG you don't know how relieved I am.
They are still sending me paperwork and stuff to investigate, but at least it's not a mark for my score to worry about. I Thanked them very much and told them they did what all the other cards should have done. Lowes was clueless. Macys & Sears said they had tried to call me, but they just let them max out the cards anyway. IT's like what, they were going to start denying charges AFTER the cards were maxed? they didn't notice anything weird until the cards were maxed?
Express checked my credit report twice yesterday that I know of, saw that suspicious activity, and DENIED the charges. just as any of them should have.
I will be sending them a nice letter. I hate the credit industry as a whole, but I feel grateful to them for being on the ball in this case.
Expenses I have incurred/will incur:
I will have to pay for a million ceritified mails which is not huge at least.
Looking at all the ID Theft Affidavits I have to file, I need to get them all notarized. I Cringed when I Saw that but my bank may offer free notary service. If not my co-worker will probably help me out for free or discount. I'll ask. She is a notary. who am I kidding - she will do it for free.
I signed up for a free 30-day credit monitoring because it is the only way I can figure to check my report vigilantly at all. IT wil cost me $12.95/month after the first month unless I cancel. I'll probably keep it a month or 2 for peace of mind. (YEah thanks 3 credit bureaus for the ONE free report. Not! I haven't even figured out how to look at Transunion yet and shudder to think there may be more on there. I think I will just pay the $10 to look today for peace of mind).
ETA: I just tried to pull my Transunion report at they won't let me look online since there is fraud alert on my account (nice to see it is working). It is frustrating though that Equifax & Experian let me see my free credit report right away, online, easy peasy. If I can find the time I will call them today and get my free report today. This is ridiculous. I just dread to see if there is more...
Or maybe I should just be happy they are taking more precaution. But mostly it is a PITA. YEah I will find out eventually, but I would like to know NOW what the credit report is showing so I can nip more in the bud I have to.
Well isn't that special? I was thinking I needed a more interesting idea for a blog, and dh did mention hey I could get a lot of articles out of this. The funny thing is I thought the same thing. Not something I really intended to become an expert on or wanted to experience firsthand.
Anyway, I just had to say that isn't it ironic that my info was stolen and now it feels like I have to give all of my personal info to a zillion organizations. Plus more of my personal info that wasn't even stolen. So far Equifax, Experian, Transunion. FTC, police, 4 department stores I never even shop at, etc., etc., etc. It's a little unnerving. Suddenly you want to protect that info that much more, but everyone needs it to investigate.
Today I am going to call the AICPA which I mentioned. I shot an e-mail to my boss about the situation and my concern that it may stem from the AICPA's security breach. I am going to hold a meeting tomorrow and suggest all the CPAs in the office get their credits frozen. Or at least put fraud alerts in the meantime, just in case. I think most of the crowd is up to it. Like me they don't really use debt and all have spouses to fall back on for credit as well. just good to let them know what their options are anyway. I think also it is a good time to have a talk about how we secure our client's data. I know that we had talked about locking up every item with a SS# due to some new laws or something, but we never did. I think insurance companies are required to, and maybe we're not, but the malpractice insurance company recommended it or something. We talked about the logistics of locking up everything we work on every day (difficult and annoying) and we also discussed blacking out any bank account or credit card #s in our files. I think as we move towards electronic scanning and other precautions that have been put in place that there are no longer any accessible SS#s just for the taking when you walk in. But in the past all the files were just in open file cabinets out in the open. I know in the insurance industry they have to follow strict guidelines - in locked file cabinets or locked rooms, or something along those lines. Then again maybe it is kind of ridiculous to think someone could break into your business but could not figure out how to break into a locked room or file cabinet. Then again I guess, why make it so easy. Lots of people come through the office every day...
Well I am wide awake at 6am. I worked out for a good hour yesterday and overdid it a bit. I am whipped. But I have to say I slept good. I went to bed super late and feel SO Refreshed. I think the workout helped. Taking the day off to recover. I'll probably go to aerobics tomorrow and see how I Feel from there. Anyway, I figured I could call Sears and express today before work since they have east coast hours. Phew. Helps. I still have a deadline looming over me for tomorrow and I only worked 4 hours yesterday. I spent so much time on this crap and worrying about it and such; very hard to concentrate though I have to calculate a bonus for this client before 7/31 and I have to disseminate all his info first, in the middle of fighting crime... After tomorrow I should have more breathing room at least.
I filed reports with the police and the FTC yesterday - which will help me freeze my credit for free.
I also read I should call SSA (after reading I shouldn't) and I should contact all of my banks and credit cards, etc. Are they kidding me? Seriously? I am not sure if there is a point and that could take a million years since I just opened like 3 different mutual funds, 3 new banks, and 3 new credit cards in the last few months. The ID Thieves don't seem to have a clue about that info, BUT I guess they are that much closer to fooling a non-vigilant customer service rep with the info that they do have. I think I will call my bank today - maybe my 2 banks which both have a decent amount of cash - and just call and let them know and see if I am required to fill them in and if there is any added layer of security I can add. I do check my balances on everything every day. I just don't want my credit cards coming back and saying I am responsible if something happens, for not alerting them. Beyond that I am not sure what me calling them would help any. None of my existing accounts have been tampered with (knock on wood). Oh well, the day is young. I will call my bank and chat with them at least...
ETA: Thank you STUPID THIEVES!!! Just talked to Express and they used my real phone #. Is the only way I found out so fast. Though the statements rolling in, in a month, would have been a clue. But I am just grateful I found out so fast. At least I had really stupid thieves in this case...
Oh, I just had a horrible thought in the ID theft saga. I just remembered that if something bad from this hits my credit report, that I could face "universal default" issues with my Balance Transfer. Sure I have a good reason and could probably argue with them and clear it up, etc. But I don't like hassle. So I am considering just paying it off this month. I think I will wait a month and see how things progress, but definitely pay it off before any of the charges come due, if they are not cleared up ASAP. Off the top of my head I don't know how universal default works. But I don't expect anything negative to hit my credit report right away, so I think I have some time to ponder?
Just a thought I had. & makes it clear why this can be so devastating to so many people. Just another angle I hadn't thought of.
It sucks, but I rather play it safe. The good thing is that the bigger amount is in dh's name so that one should be okay. The bad is that I had this offer for like 15 months and I paid a $75 fee. Figures. It was probably going to bring in as much dh's, just over a longer period of time...
We'll see... Once my credit is frozen and if all the charges are removed from my credit report, maybe I will stick with it. But something to think about...
I am sure more un-thought-of consequences will pop up. *sigh*
I was just thinking with all the creditors calling me at work next week - yeah that will be fun. I will tell my boss because I know I received 2 notices from 2 professional associations. One is so old I threw away and the other one I don't remember where I saw it - seems it was rather recent. I will never throw away a "possible ID theft" letter again. I feel like a dolt. Something you keep forever I guess. So I will see if he remembers getting these (must have gotten the same notices) so I can call and see if I am the only one this far - if we can maybe trace this down somewhere. & also let my boss know why I am going to spend a good chunk of the week talking to creditors on the phone and stuff. I am sure there will be some raised eyebrows...
Oh and I found this - it was the AICPA:
Of course so did the state CPA education foundation - same kind of thing. Except I am pretty certain they never had my SS#. Actually I think in that case credit cards were stolen but they also did not have mine since the boss pays.
Of course I thought the IRS had also had some issues losing SS#s. So you get back to it could have come from anywhere. But if there is a rash of CPAs who become ID theft victims, then we will know I guess. Now I have to add AICPA on my list of calls to make...
Now ask me why I gave the AICPA my SS#? I don't remember. I am usually pretty guarded with it. BUT I don't know. I will think twice next time.
Other places that come to mind though:
College (they used to put SS#s on our IDs too)
State Taxing Authorities
All Banks & Investment Brokerages
I am not sure how they ever track down where your ID gets stolen from?