The breach of the Equifax database, which exposed the personal credit history of over 140,000,000 individuals, has left consumers scrambling for answers and wondering what steps to take. While many experts continue to weigh in on the issue, and law firms begin lining up for those class actions lawsuits, you may still be wondering what you can do to mitigate the damage. No doubt an investigation by Congress will provide some relief, and many private companies like Credit Karma and Capital One are already reaching out to beleaguered consumers. As we wait for the cavalry to arrive, we’ve collected a summary of all the information you need to protect yourself and give voice to your fears and frustrations. What Happened? Equifax believes hackers accessed the company’s network sometime between May and July of this year, gaining access to the social security numbers and extensive credit history of 143 million Americans as well some citizens of Canada and the UK. The hack itself came to the company’s attention on July 29, when the intrusion was immediately curtailed. Somewhat suspiciously, three Equifax executives chose to sell almost $2 million in Equifax stock on August 1st and 2nd, almost a week before the company went public about the incident. On September 7th, Equifax alerted the public about the breach, also issuing a statement denying the three executives knew about the hack. By the next day, company shares lost more than 13% of their value. The following week, the Senate began initial inquiries into the extent of the incident, also searching for evidence of compromised government accounts. By September 14, the Equifax CEO had been called to testify before Congress and the Federal Trade Commission announced it would begin investigating the breach. Who’s affected? At this point, if...

The latest Yahoo breach holds the record for the largest single breach of user account. The hack, which occurred in 2014, enabled hackers to collect personal information associated with at least half billion Yahoo accounts—names, email addresses, phone numbers, birth dates, and even security questions and answers, according to Yahoo’s press release. What’s even scarier is that encrypted passwords, which are jumbled so only a person with the right passcode can read them, were also stolen. As consequence, Yahoo users are encouraged to review their accounts for suspicious activity, change their passwords and security questions, avoid clicking on suspicious links and consider using a new authentication tool called Yahoo Account Key. Of course, there is always the option to switch to Gmail or iCloud. According to research from Alertsec, about 97 percent of Americans lose trust in companies like Yahoo after massive data breaches, so it will take Yahoo quite some time before it starts rebuilding their users’ trust. However, when a company has allowed their customers’ data to fall into the hands of criminals, regaining trust is difficult, and in some cases, impossible. This breach serves as a reminder of how widespread hacking is and raises again the question of whether the current system of passwords and security questions provides the best kind of protection, and the answer seems pretty obvious, something needs to change. Cybersecurity specialists recommend using a different password for each account, while other experts are working on alternatives to passwords such as one-time passwords, biometrics and the two-factor authentication process. “Cybercriminals know that consumers use the same passwords across websites and applications, which is why these millions of leaked password credentials are so useful for perpetuating fraud,” said Brett McDowell, executive director of the FIDO Alliance, an organization that...