Equifax Security Breach, Part II

I initially wrote about my take on the Equifax Security Breach about a month ago.  In that time since, the news continues to come out about just how pervasive this hack was (and maybe continues to be).  We were already on high alert for instances of identity theft. But the source, scope, and what seems like a justified feeling of betrayal associated with this particular breach have ushered in a new era of cybersecurity. There was before the Equifax security breach; now there’s after.

What does “after” look like, and how can we help you navigate it?  Unfortunately, there is no one-size-fits-all regimen, but here are some of the most frequently cited actions we’ve seen, along with our commentary on them.  Some of these were mentioned in my first post (repetition never hurts) but I have added some new thoughts as well.

What should you do right now?

  1. Check your credit reports using annualcreditreport.com. Keeping an eye on your credit reports has long been a best practice, and should continue to be, today more than ever. Be sure to only use annualcreditreport.com. As the website says, it is the only provider authorized by Federal law to provide you with the free annual reports that already are rightfully yours. Also, so you can obtain a free credit report more than annually, consider staggering the three primary agencies’ reports, selecting one to review every four months.
  2. File your tax returns as early as you’re able. This might sound strange considering that we are only a few days away from the extension deadline; however, January 1st, 2018 will be here before we know it. Plan to have your tax information organized and ready to go to your CPA.  Filing early minimizes the opportunity for an identity thief to file a bogus return on your behalf.
    This may not be practical for some of you, but the bottom line…if you can file earlier than later, do so.
  3. Consider placing a fraud alert or a freeze on your credit. Deciding which (if either) of these actions makes sense for you depends on your personal circumstances. For example, if you’re frequently applying for credit, placing a freeze may be impractical. On the other hand, if you have been a victim of identity theft, an alert might not suffice. In this instance, it’s worth reading through the advantages and disadvantages before determining your next steps. We’re here for you as well, to serve as an additional sounding board.
  4. Consider enrolling in a credit monitoring service. Equifax has offered to provide a year of free credit monitoring and identity theft protection via TrustedID Premier. We’ve seen mixed reviews on whether it makes sense to accept Equifax’s offer. First, there’s the whole trust issue raised by the recent breach. Plus, identity thieves have nearly endless patience, so one year of monitoring is only the beginning. That said, other independent services can be costly (especially if you’ve got an entire family to cover), and they may not ultimately offer much that you cannot do on your own if you so choose. It comes down to a cost/benefit analysis unique to you.
  5. Regularly change the passwords and PINs on your financial accounts. Like regularly monitoring your credit reports, periodically changing your financial account login information has been and remains a best practice. Quarterly or at least twice a year makes good sense to us.

Information fatigue is the enemy of action

We’ve seen other tips and pointers besides these, some of which may be advisable as well. To avoid informational overload, here are three guiding lights:

  • Pace yourself. As with any seemingly insurmountable challenge, it may be best to take things one step at a time, lest you lock up and end up doing nothing at all.
  • Patiently prevail. Approach your security as an ongoing process rather than a quick fix. After determining which actions make sense for you, set up a routine and a schedule for implementing them. Write down your plans, and then follow them.
  • Partner with us. We won’t go into sensitive specifics here but, as financial advisors, we have long been taking strong measures at our end to protect against hackers and identity thieves. That said, no system is impregnable. The more aggressively we join forces to thwart cybercriminals, the more likely we will ultimately prevail.

So, how can we help you moving forward? If you’d like to consult with us as you think through some of the points we’ve touched on above, we welcome the conversation. We also ask you to be responsive when we reach out to you with security-related questions or suggestions. For example, earlier this year, we produced a quick-reference and more detailed overview, “Avoiding Financial Scams and Identity Theft Slams,” filled with perennial information and best practices. We’d be delighted to share those materials with you so just ask.

As this wise educator observed in reflecting on the Equifax breach, “Security isn’t a product. It’s a process.” Just as sensible investing involves taking appropriate near-term steps in the context of an ongoing, personalized plan, so too do we find it increasingly imperative to respond to this and future cyberattacks with upfront planning, well-reasoned action and continued best practices. Let us know how else we can assist with that!

 

What does the Equifax data breach mean for you?

Financial monitoring…this is part of financial planning that gets often overlooked.  Like a crack in the foundation of a house, it is hard to see unless you are looking for it, but it can have catastrophic consequences if left unattended.  As you may have heard, Equifax (which is one of the 3 main credit reporting agencies) admitted to a historic data breach which occurred earlier this year.  If you haven’t heard the details, you need to read about it here.  This explanation and suggested action steps from the Federal Trade Commission is excellent.  Supposedly 143 million people had their personal information potentially comprised.  I say ‘potentially’ because Equifax has not disclosed the exact details of the breach, so we really don’t know the extent of what occurred.  I find it pretty disappointing that the breach occurred earlier this year, they knew about it several weeks, if not months ago, and yet we are just now hearing about it.  That said, I wanted to take the opportunity to highlight a few different points.

What should you do?

First, do not get lax about these data breaches.  Just because they seem to happen all the time, and the numbers of people affected seem so large that it is hard to fathom as real, do not take a laissez faire approach, thinking it will never happen to you.  This is exactly the attitude these criminals look to exploit.  And make no mistake about it…the days of the disgruntled teenager hacking away in his parents basement is long past.  Most of these hacks and the subsequent identity thefts are undertaken by world wide organized crime rings.

Next, check your credit report.  Note, this is different than requesting your credit score.  By government mandate, everyone is allowed one free credit report every year.  You can go through the process here.  It only takes a few minutes.  If you are married, do this separately for both spouses.  This will give you a detailed listing of all credit accounts that are open, or were previously opened, in your name.  I suggest that you download and review this every year.  I have done this fairly consistently, and have found error accounts, or accounts that I thought were closed out but were actually still open.  Closing a credit account (like an old Gap card that you never use or the credit card you opened that one time to get a free plane ticket) may drop your credit score temporarily, but I think it is worth the short term hit so as not to have accounts open that you never use or check.  These dormant credit accounts can also be great opportunities for criminals to hack and use.

Finally, you can be your own best protection against identity theft by just being aware and diligent.  I suggest you read through the FTC’s post (link above) and review your annual credit report.  But don’t stop there…these institutional hacks open the door for more and more identity theft, the fastest growing crime in the world.  At PLC Wealth, we have several procedures in place to do our part to make sure our clients money is protected and secure.  Additionally, TD Ameritrade has even more built-in procedures to ensure money does not move to anyone other than the account owner.  But we can not protect your bank accounts or credit accounts, which seem to be where much of this white collar crime occurs.  It starts with personal information being stolen, then moves to the criminals (usually through computer programs) trying to probe to see where they can get in.  If you think your bank account has been compromised, let the bank know immediately.  They will change your account number and give you new bank cards.   If you see a strange transaction on a credit card, let the credit card company know right away.  It’s likely that you won’t be held responsible for that charge, and they will send you new cards immediately, sometimes overnight.

The main point of all of this is that you need to be diligent.  With 143 million people exposed as part of this latest breach, it is likely that some of your personal information was part of it.  I checked Equifax’s alert site and found that both my and my wife’s information was part of the breach.  That being said, I will most likely not take part in the free credit monitoring service that Equifax is offering, primarily because the service will automatically start billing at their normal monitoring rate after the first year, unless you proactively cancel.  That just seems like a slick way to get more people paying for their services rather than being a true pro bono offering.  I will, however, be watching transactions diligently and checking my own credit report for anything that looks off…and I think you should too.

Post Election Letter to Client

Do you remember what I wrote earlier this year in June after the historic Brexit vote in Great Britain? In light of our own historic vote in the US yesterday, I think I could cut and paste every word and it would still be as relevant as it was then. Winston Churchill rings in my ears yet again, reminding us that “Democracy is the worst form of government, except for all the others.” We do not have a perfect system to elect our officials, but it is the system we have had for generations that has allowed for a peaceful transfer of power since the beginning of our young nation. And it worked again. It worked in the sense that, regardless of which side of the ticket you voted for and supported, we have a system that gives us a voice in the outcome of the formation of the government that is in place to represent us. This is no small feat and cannot be overstated. But make no mistake about it…presidents do not make this a great nation that we live in, people do. We have always been a nation with some pretty incredible people, so that give me encouragement.

Do you know what else I said in June? “Any conclusions around what these new trades deals (insert ‘this new presidency’) will look like and the impact on global economies is purely speculation at this point.” Make no mistake about it, the volatility in the futures markets overnight shows that investors are still looking for details on plans and policies. As those come out, likely within the new President’s first 100 days, the markets will digest it and move on.

So what does this mean for global stock markets and your money? In the long term, probably not much. In the short term, probably more volatility than we have seen in recent months. Historically, markets are pretty much impossible to predict in the short term. People have tried to predict and failed for years, and other will continue to try and fail. In the long term (and we are talking 10+ years), however, they tend to behave pretty consistently. And what does that behavior look like? Stocks do better than bonds, and both tend to grow over time. No matter what is going on in the short term, if you are going to have a successful financial life plan and achieve your goals, you have to get compound interest working for you. And the way you do that is to get in the game and stay in the game.

Am I saying that you should do nothing? No, not at all. I may sound like a broken record here, but you have to look at volatility, especially larger than normal volatility, as a unique opportunity to buy good, long term investments while they are on sale. I will be spending time today going through client accounts to see if there is excess cash that should be utilized to buy any short term dip, if there is a dip. These strategic rebalances add value over time. Interestingly enough, even though the media was quick to highlight that US stock futures were down overnight over 5% (at one point, signaling an opening worse than the day after 9/11), as I review the S&P 500 index right now at noon EST, it is UP almost 1%! That is a dramatic turn around, but highlights that, friends…don’t pay attention to what the media is trying to sell you. They sell fear, and fear is not a good partner when it comes to planning or investments.

Should you make any other changes to your financial life plan or investment strategies? No, probably not. When it comes to money, the best thing you can do for yourself in most cases is exactly nothing. Don’t take the bait that in front of you from so many different angles…the media, friends, family. Don’t make drastic changes you will live to regret later. Don’t get too emotionally tied in to what you see on the news. Emotions can make terrible decisions. When you hear that little voice trying to amp up the fear in your head, drowned it out with truth. The truth is that you are still ok…stick to the plan that you made during calmer days. You have to remember to control what you can control. This is why I harp so much on making a plan that maps out your goals and puts you on a path to achieve things that are most important to you. Buying in to the fear found in the day to day does not help you one ounce to harness your wealth to live your great financial life.

All of this is a wonderful reminder to make sure you have a plan that matches your values with your money. This is where you play in the realm of controlling what you can control. Can you control the Return on Investment (ROI) that you get from day to day? No, you can’t, and neither can I! The markets will provide the return that the markets provide…your job is to stay invested so that you can capture 100% of that. I want you to focus on achieving your maximum Return on Life (ROL) and you do this by having a thoughtful, well-designed plan that matches your money and your values. ROL trumps (excuse the play on words) ROI any day of the week because ROL means you are moving towards goals that are meaningful to you and impact the lives of those around you. That is what truly matters and can be accomplished no matter who gets elected as president. If you are not sure if you are on track or haven’t looked at your plan lately, get in touch with me and we’ll make sure you are controlling the things that you can control.

Stay calm, friends…

Josh

On Brexit

“Democracy is the worst form of government, except for all the others.”

 

It’s ironic to me that this quote is associated with Winston Churchill, considering all the going’s on in the last 24 hours within his home land.  As you no doubt have heard, the unlikely occurred and voters in the United Kingdom voted to leave the European Union after 43 years of membership.  The uncertainty that this casts on economies around the globe has caused stock, currency and even some bond markets to behave erratically today.  

 What I want you to know is that all is not lost, the sky is not falling, and the world as we have known it is not over.  I walked out of the house the morning for an early morning run, and you know what I heard?  The same thing I hear on every other morning…the birds were alive and chirping, the wind blowing through the trees which had been replenished with an overnight rain, and oxygen still filled my lungs just like it has on every other day.  It reminded me that we have to concern ourselves with things that we can control, and remove worry around events that we have no control over.  Brexit is one of later mold.   

 What does this mean for you and me?

The fact is I don’t know…no one does.  There is so much still yet to be determined.  The voters have made their voice known.  Now it is up to Parliament to move forward and negotiate the details of their wishes.  There will be months, if not years, of new negotiations between the UK and the EU and other trade partners.  Any conclusions around what these new trades deals will look like and the impact on global economies is purely speculation at this point.  But the fear and uncertainty in the ultimate conclusion is exactly why markets are behaving so erratically today, and probably for some days to come.  The value declines do not mean that the markets think the world is collapsing…it just means that they don’t know what is going to happen, so ‘traders’ are acting on emotion, fear and possibly greed.  These are never good ingredients for a long term investor’s strategy.  But I do know that this vote should not change the course of your long term plan.

 Trader vs. Investor

A trader is actively trying to time the market, moving in and out of investments based on one data point or another.  The research shows this has never been a consistent winning strategy over time.  An investor follows along with Warren Buffett’s favorite holding period for investments: forever.  Be an investor, not a trader.  I think Warren knows what he’s talking about.

 What should you do?

The best thing you can do for your self is exactly nothing.  Short term market movements do not change the course of your long term plan.  Remind yourself where you stand in regards to your long term goals.  Log in to our planning site, MoneyGuidePro, and see if your progress towards your goals has changed at all. [Note: if you do not yet have a financial plan built, let us know sooner than later.  This tool is extremely important to ensure that you are getting the maximum return on life (ROL) and always moving towards your goals.  This is much more important than worrying about your return on investments (ROI)] I assure you that your probability of your plan success has not changed.  The reason is that the probability calculation takes in to account the possibility of wild short-term (and even mid-term) volatility already!  

 Volatility = Opportunity

You have heard this from me before…where there is fear and volatility in the short term, there is opportunity to buy things on sale for the long term investor.  We are always looking to see if volatility in certain asset classes creates enough skewing in a portfolio to provide a strategic rebalancing opportunity.  This pays dividends in the long run.  If you have cash that you have considered investing, pay attention.  If the volatility continues, you will have a unique opportunity to buy a good, long term asset at a discount.  

 Let me reiterate again…the best thing you can do for yourself is exactly nothing.  If your portfolio has been allocated correctly based on your time horizon and your risk tolerance, you are still on the right course.  Turn off the TV, ignore the pundits, and look around you…the air still fills your lungs too, just like it did yesterday, and the sun still rose the same this morning as every other day.  Life is good, so enjoy your weekend. We are always here to talk, so do not hesitate to call or email with any questions.  

 Josh