If you signed up to claim your $125 from July’s Equifax settlement, you probably got a confusing, frustrating email over the weekend. “You must provide the name of your credit monitoring service that you had in place when you filed your claim,” the message reads, threatening to revoke your payout if you don’t. Don’t worry: You can still get your cash.
First of all, it’s entirely understandable if you thought the form you already filled out was, you know, the Equifax settlement claim itself. It turns out, though, that the process was always going to include this second step. If you opted for money instead of the free credit monitoring option offered under the terms of the deal, you now have to prove that you’ve already got credit monitoring in place. But you’re forgiven if you didn’t take time out of your life to establish this very specific paper trail.
The good news is that you very well may have credit monitoring in place, whether you realize it or not. The free credit monitoring Equifax offered after its breach has now expired, but many states offer a list of disclosed breaches that you can check. Many of those companies have given out free credit monitoring as recompense. For example, certain victims of the Capital One and Verity Health System breaches were offered free credit monitoring. If you don’t live in a state that maintains such a list, you can use tools like the Privacy Rights Clearinghouse database to jog your memory about breaches you may have been involved in that offered the service.
Other incidents, like Starwood Marriott’s recent breach, yielded other types of web monitoring services for victims. And many credit cards, bank accounts, or other platforms like Credit Karma include some free protective offerings. It’s unclear whether the settlement administrator will accept those, but they seem like they would fall into the category of what the Equifax settlement calls a “credit monitoring or protection product.” After disclosing its breach in May, the National Baseball Hall of Fame said “we have taken steps to alert the credit card brands of the incident so they can monitor your account for potential fraudulent activity,” which may or may not count. It’s worth a shot.
You also may be able to circumvent the whole credit monitoring issue altogether. The Equifax settlement has a provision through which victims can claim a cash payment for “time spent.” This means that you can claim a rate of $25 per hour for up to 20 hours of the time you wasted dealing with the fallout of the breach. But here’s the kicker: The first 10 of those hours is “self-certified,” meaning you don’t need to provide documentation, you just need to describe what you spent the time on. “You must certify that the description is truthful,” the settlement says. “Valid claims for Time Spent will be reimbursed in 15-minute increments, with a minimum reimbursement of 1-hour per claim.”
If you spent hours researching what to do about the breach, setting up credit freezes, hopping on the phone with your bank, or doing anything else remotely relevant, you can claim up to $250 for that time without needing to show any specific evidence. If you’ve already filed a claim and received the email this weekend you will likely need to contact the settlement administrator to also claim time spent, though you may be able to submit the additional claim through the web portal.
Whatever road you choose, it’s important to do something. The process of paying out this settlement has been absurd, with the FTC actively pushing victims toward choosing credit monitoring over cash, including a warning that the final payout may be “substantially lowered” if large numbers of people sign up to get what they’re owed. The settlement notice mentioned the active credit monitoring requirement from the beginning, but it’s questionable to put so many hurdles between victims and their rightful compensation in the first place. Which is why that time-spent claim may be your best bet.
“It’s pretty astounding,” says Chi Chi Wu, an attorney at the National Consumer Law Center, who focuses on consumer credit. “Usually an alternative compensation like this is supposed to be of the type where you don’t have to provide the proof. For example, in the settlement for the Experian data breach, you got up to a certain amount just by claiming it, and if you wanted more you had to show your receipts. So that’s why I think people should know that they can take the time option and self-certify for up to 10 hours. It seems like the settlement deliberately did not highlight that option.”
Wu points out that it shouldn’t be the responsibility of claimants to show that they’ve already sought help for a risk that isn’t their fault in the first place. And she notes that Equifax competitor Experian, which won the contract to offer credit monitoring services to the settlement’s claimants, is ultimately the real winner when people are discouraged from pursuing the cash payout.
“I will repeat myself until I’m blue in the face: Credit monitoring isn’t worth it. It doesn’t prevent identity theft,” Wu says. “And all of this money is going to Experian! So why is the FTC deliberately driving people and putting in barriers to line the pockets of Experian?”
If those aren’t pockets you want to line, then stick to your guns and look for a way to claim your cash. But whatever you do, don’t let this weekend’s email put you off of claiming at all. Better to take the free monitoring than to just let the whole thing go.
More Great WIRED Stories
- xkcd’s Randall Munroe on how to mail a package (from space)
- Why “zero day” Android hacking now costs more than iOS attacks
- Free coding school! (But you’ll pay for it later)
- This DIY implant lets you stream movies from inside your leg
- I replaced my oven with a waffle maker, and you should too
- 👁 How do machines learn? Plus, read the latest news on artificial intelligence
- 🏃🏽♀️ Want the best tools to get healthy? Check out our Gear team’s picks for the best fitness trackers, running gear (including shoes and socks), and best headphones.