So. I have some experience with this subject. Painful experience, but experience.
1. Your medical data is worth more to start off with. If they stole it to claim free medical services in small hospitals with inefficient billing practices, it'll take roughly 2- 5 years until a collector contacts you.
2. Don't sign anything or sign up for any 'free' protection. The devil is in the details. Everyone of those agreements for 'free' protection requires you to give away the right to sue for damages and runs out in 6 months to 1 year every time it's been offered to me.
3. Your bank/credit card accounts. Notify the banks that your data was vulnerable. Proceed to put a passcode on your account for anything (assuming your bank has that) to make any changes.
4. Banks have their own non sufficient fund list if you go into negative balances. It doesn't show up on a credit report and it's god awful difficult to get it removed (I had one). People open an account, write a hot check at a check cashing place and peace out. The guy from lifelock had a bill in texas for that, which is why he was no longer allowed to give out his SSN on commercials (or at least part of the reason).
5. The state attorney general is your friend. They deal with a lot of FDIC consumer complaint stuff. I had to get the state attorney general involved because a thief changed the address on my bank account and had a card sent to themselves and withdrew a considerable sum. Most banks will take care of it with no fees within 48 hours , but notify them in writing (according to fdic rules you are liable for 50 dollars of it if you don't notify them in writing within 46 hours of you noticing it).
6. Get a password manager. So here's the deal. Go to one of the people location sites. Search for your name or a previous email address. If you ever registered for Amazon on it, or anything else, it'll likely be on the stalker site. Consider that people re-use passwords (I know you're on this forum!) and make them names, places, and things that are significant to you. Why is this important? 4chan located shitbird lebuff in the middle of nowhere using plane contrails because they were bored. There are bots written by data thieves that aggregate data for this purpose. If your name is Uniqquuee, hell even if it isn't, for money, most people would spend twenty minutes looking on facebook for your likely passwords by your posts (remember how you were born in 1980 and your dogs name was Uniqqqquuueee and now your password is Uniqqquuuueee1980? Yeah.
http://keepass.info/
7. People want free shit. I do a yearly request for all passport activities.
8. Good luck if someone commits a crime and claims to be you. You're boned. There was a judge who refused to remove an alias from court records. A guy sued because it stopped him from getting jobs. The judge told him to die in a fire. Search for it (duckduckgo.com may be a better choice, google's down the tubes these days).
How do I know all this crap?
# of times VA lost my info - 6
bluecross blue shield hack
collegeboard got hacked several years ago
adobe got hacked
sony got hacked
There are more minor breaches that have impacted me, such as the doctors office that was just throwing my dental records in a shed for storage (thanks hippa, you're great, really), but those are localized.
Yes I'm paranoid, yes I use cash and temporary visas from wal-mart for online purchases or to put money into paypal.
Here is the page for transunion (heh). Search for credit freeze for other agencies.
https://www.transunion.com/credit-fr...-credit-freeze
Oh, apple people. Resetting your password is easy with account numbers, dates of birth, physical address and other stuff you post on facebook.
You should all redo your security questions to stuff that has no relevance to you and write that shit down and use 2 factor authentication (if you're not already). Also, most password reset request for companies done via phone requires information like your email address, ssn, stuff like that for "verification" purposes, so keep an eye out for passwords that are mysteriously reset.