Why did LSU enter into an agreement with Equifax?
Do any universities have such an agreement in place with Equifax or other service providers?
Which LSU campuses are covered?
What coverage is included with the Equifax agreement?
When will this service be available?
Am I automatically enrolled in Equifax if I am a current LSU faculty, student, or staff member?
How do I “opt-in” to receive Equifax credit monitoring?
How long will the agreement last? What will happen when it expires?
When the agreement expires, will my coverage from Equifax also expire?
Will having Equifax help with IT security at LSU?
Will this coverage protect me from breaches that occur outside of LSU?
I’m a student. What happens when I graduate from LSU or leave otherwise?
Are part-time faculty, staff, and students also able to take advantage of this licensing agreement?
I’m a current LSU community member. Can I sign up family members or friends for this service?
I already have a protection product from Equifax or one of the other vendors. Can I get a refund?
Why is Equifax interested in working with LSU?
Why is Equifax interested in working with higher education?
Where can I learn more about Equifax?
Where can I obtain information at LSU on identity theft?
What efforts are taking place at LSU to address data integrity and security?
Is there legislation in Louisiana regarding identity theft? If so, what does the law state?
Is identity theft only a problem for people who submit information online?
Are there ways to avoid being a victim?
What can you do if you think or know that your identity has been stolen?
How do you know if your identity has been stolen?
If I signed up last year, do I have to sign up again?
Why did LSU enter into an agreement with Equifax?
Higher education has been identified as the highest area of risk for data breaches due to the innate openness of the networks and environments. LSU is extremely concerned about breaches, but as a part of that concern, is thinking broadly about the institutional impacts of a breach. The impact of a potential breach on its community—students, faculty, and staff—has the greatest bearing on the institution.
Why did LSU choose Equifax?
There are three national credit agencies—Equifax, Experian, and TransUnion. Equifax is a global and industry leading credit reporting company. With an extensive track record educating consumers on the importance of identity theft protection, Equifax was the first agency to respond to our request for an open dialogue about this revolutionary approach.
Do any universities have such an agreement in place with Equifax or other service providers?
No. LSU is the first university in the nation to have such an agreement in place. The concept for this initiative was suggested by LSU, and Equifax executives worked with LSU IT professionals to create this institutional-approach program.
Which LSU campuses are covered?
LSU as well as the Law Center and AgCenter are covered. Additionally, Equifax has suggested it may extend coverage to alumni of LSU. In the near future, LSU alumni may have the option of purchasing the product at a "preferred LSU alumni price" discounted off of retail. Additional details will be provided if this option becomes available.
What coverage is included with the Equifax agreement?
The agreement includes convenient access to award-winning product, Equifax Credit Watch™ Silver. Those who take advantage of this offering will receive daily alerts notifying them of key changes to their Equifax credit file. Key changes include new accounts opened, significant changes in current balances, etc. The package also includes an initial Equifax Credit Report with discounts on additional Equifax Credit Reports, and up to $20,000 Identity Fraud Expense Coverage (with $0 deductible).
When will this service be available?
The credit monitoring service is currently available.
Am I automatically enrolled in Equifax if I am a current LSU faculty, student, or staff member?
No. You must “opt-in” to receive the service. LSU is not sharing your personal information with Equifax without your involvement. LSU Information Technology Services will be actively campaigning to make people aware of this new protection program, and strongly encourage students, faculty, and staff to take advantage of it. It is up to each individual to enroll him/herself. LSU has arranged the deal with Equifax, and has facilitated technology links to allow LSU community members (and those members only) to get this remarkable program free of charge.
How do I “opt-in” to receive Equifax credit monitoring?
Access to this special pricing is managed through your PAWS ID. Users authenticate via PAWS to identify themselves as LSU community members, and then are provided a special link to the LSU service page at Equifax.com where they can enroll at no cost. The registration process should be automatic and without the need for a special registration code. If you have difficulty, please e-mail creditmonitor@lsu.edu.
How was the agreement funded?
Funding for the first year was provided by LSU campus administration. No Student Technology Fee monies were used, though the vast majority of those covered are, of course, students.
How long will the agreement last? What will happen when it expires?
The agreement will run through September 6, 2009. At that time, it may be continued based upon results from the first year. Other funding solutions for longer-term coverage may be reviewed at that time.
When the agreement expires, will my coverage from Equifax also expire?
Your coverage lasts twelve months from the time you register for the service. For example, if you sign up on November 1, 2008, your coverage will last until November 1, 2009.
Will having Equifax help with IT security at LSU?
Yes. This new approach offers a way to "inoculate" LSU community members from the impacts of any breach, and allows the University to focus entirely on preventing breaches. This initiative makes LSU community members less attractive as potential targets for identity/credit fraud, as we now have the ability to broadly monitor our credit.
Will this coverage protect me from breaches that occur outside of LSU?
Yes! Your personal information is in hundreds or even thousands of databases. Just think of all the places where you’ve filled out forms with your full name and social security number, or where you’ve used your credit card. The protection this plan offers lets you keep an eye on your credit, and if someone starts to abuse your credit for fraudulent purposes, you’ll be almost immediately aware of it (thanks to the daily e-mail notifications). This coverage made possible by LSU helps protect you from any source that might breach your personal information.
I’m a student. What happens when I graduate from LSU or leave otherwise?
Equifax has suggested a way to extend coverage to alumni of LSU. In the near future, alumni may have the option of purchasing the product at an LSU "preferred price" discounted off of retail. Additional details will be provided if this option becomes available.
Are part-time faculty, staff, and students also able to take advantage of this licensing agreement?
Yes. All current faculty, staff, and students may take advantage of the credit monitoring service.
I’m a current LSU employee or student. What happens if I retire, graduate, or leave the University within the next year?
Current LSU employees and students are covered for the entire first year, even if the individual’s association with the University terminates before September 6, 2009.
I’m a current LSU community member. Can I sign up family members or friends for this service?
No. Only current LSU faculty, staff, and students are able to take advantage of the service. In the near future, alumni may have the option of signing up at a discounted rate.
I already have a protection product from Equifax or one of the other vendors. Can I get a refund?
No. If you’ve already signed up for coverage (and paid for it) you will have to maintain that coverage unless the package you signed up for has an early termination clause. But when it does expire in the next year, consider not renewing that package and signing up for the LSU-funded Equifax service. Again, you’ll get one full year of subscription coverage to the Equifax product, no matter when in the LSU contract period you sign up.
Why is Equifax interested in working with LSU?
LSU is fast becoming a leader in higher education information technology (HE-IT). LSU has a growing reputation as a place where interesting and exciting new things are happening, and thus, can serve as an excellent model for others to follow in this regard.
Why is Equifax interested in working with higher education?
It's been widely reported that the greatest area for risk of breach is higher education due to the open nature of the networks and systems in this sector. Currently, efforts in the HE-IT community are focusing on breach notification processes and procedures—dealing with the aftermath of a breach. This new approachi s designed to help protect higher education community members against potential identity theft and fraud.
Where can I learn more about Equifax?
Please see www.equifax.com for additional information on Equifax products and services.
Where can I obtain information at LSU on identity theft?
Please see www.lsu.edu/databreach for information.
What efforts are taking place at LSU to address data integrity and security?
LSU is making great strides in tightening network and infrastructure security. This including focusing on policies, processes, and monitoring; eliminating the Social Security number as the primary identifier used in information systems for students and employees; and developing processes for analyzing security incidents and determining conditions for disclosures of actual or possible breaches of personal information, in accordance with state law.
Is there legislation in Louisiana regarding identity theft? If so, what does the law state?
Yes. SB205 Act 499, known as the Database Security Breach Notification Law, was signed by Louisiana Governor Blanco on July 12, 2005, and became effective on January 1, 2006. This legislation requires notification to any Louisiana resident whose unencrypted personal information was, or is reasonably believed to have been, acquired by an unauthorized person as a result of a security breach. In addition, the notification must be made in the most expedient time possible and without unreasonable delay, consistent with the legitimate needs of law enforcement or any measures necessary to determine the scope of the breach, prevent further disclosures, and restore the reasonable integrity of the data system.
What is a security breach?
A security breach is a compromise of the security, confidentiality, or integrity of computerized data that results in, or can be reasonably concluded has resulted in, the unauthorized acquisition of and access to personal information. Good faith acquisition of personal information by an individual is not a breach of the security of the system, provided that the personal information is not used for, or subject to, unauthorized disclosure.
What is personal information?
Personal information is an individual’s first name or first initial and last name in combination with any one or more of the following data elements (when the name or data element is not encrypted or redacted):
- Social Security number (SSN),
- driver’s license number,
- account number, credit or debit card number, in combination with any required security code, access code, or password that would permit access to an individual’s financial account.
Personal information does not include publicly available information that is lawfully made available to the general public from federal, state, or local government records.
What is identity theft?
Identity theft occurs when someone obtains sensitive personal information such as a name, Social Security number (SSN), driver’s license number, credit card number, or other identifying information to take on that person’s identity in order to commit fraud or other crimes.
Is identity theft only a problem for people who submit information online?
No. You can be a victim of identity theft even if you never use a computer. Fraudsters can obtain personal information by stealing your wallet, overhearing a phone conversation, or picking up a receipt at a restaurant that has your account number on it.
Are there ways to avoid being a victim?
Unfortunately, there is no way to guarantee that you will not be a victim of identify theft. However, there are ways to minimize risk:
- Do business with reputable companies.
- Take advantage of security features (passwords and other security features add layers of protection if used appropriately).
- Safeguard your Social Security number. Don't make a habit of carrying your Social Security card with you and avoid placing it on your drivers license.
- Check privacy policies.
- Be wary of phishing attempts. Do not provide personal information such as your passwords, Social Security number, or credit card information over e-mail. If you receive a phone call from anyone requesting personal information, verify the caller's identity before sharing your information.
- Pay attention to billing cycles. Contact creditors immediately if bills arrive late. Missing bills could signal that an identity thief has changed your billing address.
- Put your shredder to work. Shred pre-approved credit card offers and other documents displaying your name and personal information before throwing them away.
- Use and maintain anti-virus software and a firewall.
- Monitor your credit. Use the Equifax Credit Watch service provided, and be aware of your account activity
What can you do if you think or know that your identity has been stolen?
To minimize the extent of the damage, take action as soon as possible:
- Contact institutions, including banks, where you have accounts
- Contact the main credit reporting companies (Equifax, Experian, TransUnion)
- File a police report
- Consider other information that may be at risk (Social Security Administration, Department of Motor Vehicles)
How do you know if your identity has been stolen?
Some changes that could indicate that someone has accessed your information include:
- Unusual or unexplainable charges on bills
- Phone calls or bills for accounts or services that one does not have
- Failure to receive regular bills or mail
- New, strange accounts appearing on your credit report
- Unexpected denial of one’s credit card
If I signed up for the service last year, do I have to sign up again?
If you signed up for the Equifax service through LSU last year, you will be automatically re-enrolled for another year provided that you remain a current member of the LSU community at the time of re-enrollment.