By David Koch and Angela Renee at Halbert Hargrove

What are we thinking about as we head into 2018? September 7, 2017—the day Equifax announced their data breach. Unlike previous hacks, this one potentially affects more than 140 million Americans and the sensitivity of the information stolen is unprecedented.

Even the Social Security Administration uses Equifax to verify your identity. And the compromised data—social security numbers, birth dates, addresses—gives hackers what they need to open new accounts in your name. For the rest of your life.

For this reason alone, data security should be on your permanent radar. 2018 is the year to fortify your digital fortress.

The first step? Check if there has already been a breach.

Get a Copy of Your Credit Report

The Fair Credit Reporting Act (FCRA) of 2003 requires each of the three nationwide credit-reporting companies—Equifax, Experian, and TransUnion—to provide you with a free copy of your credit report, at your request, once every 12 months.

You can get your free copy each year by going to You should also consider using a credit monitoring app or service like LifeLock (starts at $9.99 per month) or Credit Karma (free). The perks? Credit Karma users are notified any time there is a change on their TransUnion and Equifax reports. They are also alerted when any personal information winds up in future public data breaches.

As you review your current report, if anything is amiss—say you see a Forever21 credit card you never opened—then you have already been victim of identity theft. Immediately contact one of the credit reporting agencies to post a fraud alert. They will contact the other two agencies on your behalf.

Even if everything on your report looks legitimate, make checking your annual credit report a lifelong habit.

While you’re at it, make it more difficult for hackers to access other personal information.

Create Strong, and More Importantly, Unique Passwords

A strong password is easily implemented by swapping numbers and special characters for letters. For example: Use an @ to replace an a, use an ! to replace an i, or the number 0 for the letter o. Then your password “Patriots” becomes “P@tr!0ts”—and voilà, you’ve now got a complex password.

What is more important than a complex password, however, is that you should be using a unique password for each login. This can be created by adding the first few letters of the website that you’re logging into.

Using the P@tr!0ts example, your password for your online AT&T account becomes ATTP@tr!0ts, your Twitter password becomes TWIP@tr!0ts, your Facebook password becomes FACP@tr!0ts, and your Hometown Bank account password is turned into HTBP@tr!0ts. Now, if Twitter were to get compromised, the hackers wouldn’t know your passwords for these other accounts.

You can’t ultimately make yourself “hack-proof,” but you can make yourself a much harder target.