How to Report Identity Theft to the Credit Bureaus
Identity theft affects millions of Americans every year. Given the possible resulting damage, it makes sense for a victim to take quick action to resolve the situation. And while this can involve several steps, a key one is alerting the credit reporting agencies, also known as credit bureaus.
If someone has your personal information, or if it was exposed in a data breach, you want to do what you can to help protect your identity. With your information in hand, criminals may be able to open fraudulent credit accounts in your name, possibly damaging your credit history. Placing a fraud alert on your credit files can help thwart such activity.
In this article, we’ll tell you how to notify the credit reporting agencies and what to expect once you do.
The three credit reporting agencies
Equifax, Experian, and TransUnion are the three major U.S. credit reporting agencies. Each of them collects information about you and how you use credit, as well as whether any business has turned your debt over to a collections agency or you’ve filed for bankruptcy. Because the agencies are so involved in your credit activity, it’s important to notify them if your identity has been stolen—as identity theft can lead to abuse of your credit, and you want to try to keep that from happening.
|MAJOR U.S. CREDIT REPORTING AGENCIES|
Experian Fraud Center
TransUnion Fraud Alert
If you’re concerned about identity theft, perhaps because your personal information has been exposed in some way, contact at least one of the three reporting agencies and request an initial fraud alert be placed on your credit file. If you contact one agency, it’s supposed to contact the other two for you, but it doesn’t hurt to contact all three agencies yourself.
An initial fraud alert lasts 90 days and, during that time, can make it harder for an identity thief to open accounts in your name. That’s because a business must verify your identity before it issues credit to the person requesting it.
You can apply for an initial fraud alert in all the ways listed below (phone, online and mail). These 90-day alerts can be renewed every 90 days, but you’ll have to remind yourself to do so. Otherwise, they’ll expire.
Keep in mind that if your Social Security number has been exposed, it might not be used to commit identity theft until years later, so a 90-day alert may not be the best option. It’s worth noting that, unlike credit card numbers, Social Security numbers aren’t easily replaced.
Another kind of fraud alert is the extended, or 7-year, alert. It’s available only by mail (or fax) and for only identity theft victims who provide a copy of their identity theft report from a federal, state or local law enforcement agency.
Here’s how you can contact the credit reporting agencies to request a fraud alert, using the contact information in the table above:
Requesting a fraud alert by phone
If you prefer reaching out by phone, you can call to request a 90-day fraud alert, but not an extended (seven-year) alert. Your call will likely be answered and handled by an automated system, so don’t expect to speak with someone. When you call, be ready to provide your Social Security number, mailing address to which your bills are delivered, and birthdate.
Requesting a fraud alert online
Each of the three credit bureaus has an online webpage dedicated to helping victims of identity theft.
- Experian’s Fraud Center provides online tools for adding a fraud alert, removing a fraud alert, learning how to respond to identity theft, and reviewing a copy of your report.
- Equifax allows you to fill out initial alerts (and active duty military alerts) on one website page. The company also provides an extended fraud alert request form that you can print, complete, and either fax or mail in.
- You may also contact TransUnion’s Fraud Victim Assistance Department through its website.
When you visit the agencies’ websites, each allows you to fill out forms online. You can choose to place a 90-day fraud alert or seven-year fraud alert. Again, the extended fraud alert requires that you submit a police report, indicating you’re an identity theft victim.
Requesting a fraud alert by mail
If you prefer contacting each credit bureau by mail to request a fraud alert on your credit report, you’ll have to provide each bureau with a cover letter outlining your request and proof of your identity.
The ITRC provides forms and other information that you should include in these requests for both a 90-day fraud alert and a seven-year fraud alert. You also should send your letters via certified mail with Return Receipt.
Request and review a copy of your credit report
After placing the fraud alerts, request a free copy of your credit report from each agency. Since each agency’s report may differ, it’s important to look at all three to help ensure you’re not missing anything important. Review the reports carefully to make sure there are no new occurrences of identity theft. If you place your fraud alert online, they should send you an email or prompt you to view your credit report online for free.
Should you freeze your credit?
If you’re seeking an extra layer of protection, you may want to consider freezing your credit reports. A freeze will:
Help block new lines of credit
Provide further protection from thieves getting credit in your name
Limit access to your credit report
While a fraud alert requires businesses to verify your identity before extending a new line of credit, a credit or security freeze prevents anyone—even you—from obtaining new credit until the freeze is lifted. While fraud alerts last for 90 days or seven years, most credit freezes hold until you release them. (In a few states, a freeze expires after seven years.)
Credit freezes are usually free in most states to identity theft victims. For others, they cost $5-$10 and must be placed separately at each credit reporting agency.
If you’re an identity theft victim, the sooner you take the necessary steps to stop fraudsters from continuing to use your identity—and resolve the issues resulting from being victimized—the better.
Symantec Corporation, the world’s leading cyber security company, allows organizations, governments, and people to secure their most important data wherever it lives. More than 50 million people and families rely on Symantec’s Norton and LifeLock comprehensive digital safety platform to help protect their personal information, devices, home networks, and identities.