This weekend, the Department of Homeland Security (DHS) inspector general issued a report stating that the Federal Emergency Management Agency (FEMA) exposed home addresses and banking account information of 2.3 million disaster survivors, placing them at risk for identity theft and fraud.
FEMA transmitted disaster relief applicants’ bank and electronic funds transfer numbers to an outside contractor handling transitional housing for those affected by Hurricanes Harvey, Irma, Maria and the 2017 California Wildfires.
A DHS official said, “We don’t have any information that [the personal data] has been compromised in a detrimental fashion,” and stated that FEMA will not be contacting any affected individuals and is working with the contractor to have the data removed.
Scammers often take advantage of crisis situations with fraudulent communications to survivors or by submitting fraudulent applications for disaster relief.
What Consumers Can Do
While the ubiquity of breaches has led some consumers to the state of apathy, it’s more important than ever to be vigilant. We encourage consumers to consider taking the following data breach safety measures to help reduce their risk:
- If you participated in FEMA programs in the last two years – specifically Hurricanes Harvey, Irma, Maria or the California wildfires – contact your bank and let them know you might have been affected.
- Review all bank statements to ensure that there are no suspicious charges to or from your account.
- Monitor your credit report for any new accounts opened in your name.
- If your bank utilizes electronic funds transfers, ask for a new personal identification number (PIN).
- Sign up for an identity protection service that includes credit and identity monitoring if you haven’t already. Just be aware that not all monitoring services will protect you equally, so make sure you find a service with powerful monitoring capabilities and 24/7 full-service resolution assistance, should you ever find yourself the victim of fraud.
Comprehensive monitoring services should include internet surveillance, compromised credential monitoring, and credit monitoring. The monitoring should also include alerts so that if your information is detected on the dark web, your can quickly assess and work with resolution experts to minimize any impact.
Some recommended information to monitor includes:
- Login credentials for various sites
- Social Security number
- Email addresses
- Date of birth
- Debit/credit card numbers
- Bank account numbers
- Insurance card/policy number
- Drivers’ license number
- Loyalty card numbers
- Affinity card numbers
- Passport number
Purchase Iris identity protection today to provide yourself with an extra layer of protection for your most valuable asset – your identity.