Know Your Legal Rights: Recovering from Identity Theft

By on January 11, 2018
The materials available at this web site are for informational purposes only and not for the purpose of providing legal advice - legal information is not the same as legal advice. The information expressed on this site are the opinion of the individual author and may not reflect the opinions of any individual attorney. You should contact your attorney to obtain advice with respect to any particular issue or problem. Use of and access to this web site or any of the e-mail links contained within the site do not create an attorney-client relationship between FinancialSafetyNet contributors and the user or browser.

To do just about anything on the internet, such as banking, shopping, email, or Facebook, requires you to create a user account where you provide personal information to the website. You assume your information is secure, or if you’re like me, you assume nothing will ever happen to your personal information.

The recent Heartbleed bug—possibly the worst information leak bug we have seen— has proved us all wrong, and has left companies and individuals vulnerable and reassessing their approach to information security. While there are precautions you can take, unless you avoid online accounts completely you are at risk. It’s important to know your rights in case you fall victim to identity theft. Here is what you need to know.

Create an Identity Theft Report

Filing a report with the Federal Trade Commission (FTC) is the first thing you should do if you suspect you are a victim of identity theft. Not only will you need the report to take advantage of your rights pertaining to identity theft, but it helps the FTC detect patterns of fraud and abuse. An identity theft report consists of:

  • An affidavit, a written statement that can be used in court
  • Your complaint, which you can file on the FTC’s complaint website
  • A police report

Complete the FTC forms, and bring them with you when you file a report with local law enforcement. These forms contain important details, such as compromised accounts that credit reporting agencies and creditors need in order to verify that you are a victim of identity theft.

Create a Fraud Alert

After you have filed your report, the next thing you should do is create a fraud alert on your credit report. Initially, you can request a 90-day alert that notifies anyone accessing your credit report that they must verify identity before processing any applications. You can contact one of the three major credit reporting agencies, Equifax, Experian, or Trans Union to place an alert. The agency you contact will notify the other two.

You can also place a 7-year fraud alert on your credit report, but in this case you need to contact each credit reporting agency and provide them a copy of your identity theft report. This will ensure you are contacted before credit is approved and issued in your name. 

When you initiate fraud alerts, you will receive a copy of your credit report and a summary of your rights. If you request the 7-year extended fraud alert, you are entitled to two copies of your credit report within a one-year period in addition to your free annual report. This will enable you to ensure your credit report is kept free of fraudulent claims.

Request Credit Reporting Agencies Block Fraudulent Activity

It is within your rights to request that credit reporting agencies do not report any fraudulent activity that will negatively impact your report. In order to request a block, you must send the following information to each credit reporting agency:

  • A copy of your identity theft report
  • Proof of your identity
  • A written statement explaining the fraud and affected accounts

Once you have requested a block, credit reporting agencies will closely monitor your report for hits, and tell creditors providing fraudulent claims that the claims resulted from identity theft. Additionally, this action prevents creditors from turning over fraudulent debts to collection agencies.

 If you believe fraudulent information exists on your credit report, it is within your rights to dispute it. If you file a dispute, the credit reporting agency must investigate and correct any fraudulent information.

Limit Your Liability

If your personal information has been compromised, you may not know to what extent. The best thing you can do is report it right away. In the case of the Heartbleed bug, it may be we have yet to see repercussions. The good news is that you can limit your liability for financial loss. 

Most states have laws that protect consumers from having to pay debts incurred on fraudulent accounts.

With credit cards, if you report identity theft before your credit card is used, you are not responsible for any amount. If you report unauthorized use after your credit card is used, you may be liable for around $50. It’s a little different for debit cards, however. Depending on how long you take to report your lost or stolen card, you may be liable for anywhere from $50 to $500. If you fail to report your lost or stolen card within a 60-day time period, you may be liable for the entire amount. The lessons here: Be proactive, review your accounts, and read your credit report!

Obtain Documentation Regarding Your Case

Whatever forms you fill out, reports you file, or letters you write, always retain copies for your records. Also, save any correspondence from credit reporting agencies, creditors, or debt collectors. You may need it to prove your situation and protect yourself from financial liability for fraudulent transactions. If you feel you are being contacted by a creditor or debt collector in error, you have the right to tell them to stop contacting you. You must put it in writing, but when you provide them all of your valid information about your identity theft, they should cease communications.

If you think your personal information has been compromised, we cannot stress enough how important it is to follow these steps and regularly review your credit report for incorrect or fraudulent information. Rebuilding credit can be a long and arduous process. It’s best to be proactive and avoid unlimited liability due to neglect.

Reviewing your credit report is one way to protect yourself, but there are other ways to be proactive in protecting your personal information:


Be cautious using public wifi. If you don’t recognize it, and it doesn’t require a password, don’t use it.
Create strong passwords when opening online accounts. Don’t use information people can guess about you.
  • Only use credit cards on secure sites. Evens secure sites are at risk, so don’t use cards connected to your bank accounts for online purchases.
Review your bank account and credit cards statements regularly. Aside from avoiding online activity, being proactive is the best protection.

Realize that any online activity puts you at risk, but if your information is compromised, you can do something about it. Speak with your trusted legal counsel, insurance agent and financial advisor about protecting your finances and yourself from liability.

Take the next step - Let's talk!

Remember to speak with your financial, legal or tax professional for more information about the topics which interest you. Here are a few ways for you to share your ideas, learn more and interact with FinancialSafetyNet members, authors and expert advisors.
Have a question, but don't want to share it with everyone? Contact a financial advisor.
Want to contribute to the conversation publicly? Submit a comment.

Submit A Comment

About Toni Banks

Contributing writer for FSN - As a professional writer for the Legal, Finance, and Technology industries, Toni understands there is an overwhelming amount of information available to you and wading through confusing terminology and difficult concepts can be difficult. Her primary aim is to offer focused, clearly-written information on current topics that resonate with her readers. Find Toni on !

You must be logged in to post a comment Login

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.