I received a letter from Countrywide today that says:
"We are writing to inform you that we recently became aware that a Countrywide employee (now former) may have sold unauthorized personal information about you to a third party...
Based on a joint investigation conducted by Countrywide and law enforcement authorities, it was determined that the customer information involved in this incident included your name, address, Social Security number, mortgage loan number, and various other loan and application information."
It goes on to say they will give you 2 years of Triple Advantage credit report monitoring for free and they include a website address and activation code to start the credit monitoring service.
Just great. Luckily the only thing Russian hackers could buy with my credit is a bottle of cheap vodka.
We don't understand why temporary free credit monitoring is always the go-to remedy every time a company "loses" your personal data. The security breach could have huge and long-term financial consequences for you, and the company that enabled that breach should take responsibility for it.
Every company that deals in sensitive data should have identity theft counselors on staff—people who will walk you through a formalized plan for changing account numbers where possible, getting new account numbers if necessary, and setting up a systemized way to monitor financial activity on a weekly or monthly basis. (And they should pay for any fees you're charged in the process.)
Just saying "sorry, here's some free online monitoring" is inadequate—it's like a doctor leaving a clamp inside you after surgery, then giving you coupons for free checkups for a couple of years.