Maybe freeze your chexsystems reports also so deposit accounts can't be opened in your name
@_KeepingScore_ wrote:About 2 weeks ago, I got an alert from Discover of a pending charge for $1 that I knew wasn't mine. I immediately had them cancel/replace my existing card, to be safe. Today, Capital One notified me that my SSN was found on the 'dark web' and of course, I freaked. I put a freeze on all three credit bureaus right away. My cards are never out of my sight and I don't frequent seedy gas stations or sketchy websites to handle my business, so I am stupidly, ridiculously careful about where my info goes. However, I know that there is only so much I can do as there seems to be a breach weekly. I have (4) cards other than the Discover (3 CapitalOne + 1 Amazon), in addition to my standard banking card. Should I change account passwords and request new cards for all of those, or am I really being paranoid? Should I go farther than that?
Welcome back, @_KeepingScore_.
Like many of us, you may have been involved in a **HUGE** recent data breach. This does not appear to be just any ordinary data breach. It's in a league of it's own for the breadth or data and consumers affected. Websearch the "National Public Data" breach from August 2024. There are posts on this forum and Reddit about it, as well as tons of news articles.
You can see your exposed data HERE.
You've started by freezing your credit reports. Good job.
Immediately change all passwords for financial data and credit reporting. Make sure they are complex and don't repeat between accounts. Consider using a password manager software program to create and manage unique passwords.
Set up multi-factor login authorizaton or biometric login on all accounts that you can do so.
Create an account with the IRS and put your tax filing on a PIN protection. This keeps someone from claiming your refund if they file before you do.
Create an account with the Social Security Administration to verify your benefits haven't been accessed and to prevent someone else from setting up an account in your name.
In my case, I had my current physical address, my mailing address (PO Box), phone number and email address published. 
Of course, I'm not going to move but my financial data goes to my PO Box for security. I may change the box number. I'm considering changing my phone number, although that is a huge hassle. I use a separate email address for financial accounts already and fortunately it was not published, just my everyday "spam" email. My email provider allows for setting up additional email aliases which can later be blocked without shutting down the account. I'm considering using more of those to protect my core email account. If a fraudster tries to use any of this published data, it would no longer be useful to setting up a new account or accessing my existing accounts or data.
It might not have been necessary but I went to most of my card accounts that weren't used frequently and locked/froze the cards. It's easy to do with most lenders and helps prevent new charges from processing unless they are on a recurring subscription.
There is a posting on REDDIT that has a checklist of sorts of many large national data aggregaters (including Lexis Nexis and Chex Systems) where you can retrieve your report, opt out, or even remove all your data. Go HERE for that checklist.
See these other My FICO threads for other related links and suggestions. Good luck!
