Kroll is a leading provider of credit monitoring and identity protection services. But with scams abundant, is using them safe after a data breach? We break down what Kroll Monitoring offers and key precautions.
Overview of Kroll Inc
Kroll is a major corporate investigations and risk consulting firm founded in 1972. They provide services related to areas like cybersecurity, compliance, disputes, valuation, transactions, and data analytics.
A key offering from Kroll is credit monitoring and identity theft protection. This is typically provided to individuals impacted by data breaches. They works with the breached company to notify affected people and provide monitoring services.
How Kroll Credit Monitoring Works
If your data was compromised in a breach, the entity responsible will usually offer free credit monitoring through a service like Kroll. You’ll get a notification letter from Kroll with a membership number.
To enroll, you create an account on Kroll’s website and enter the membership number. You’ll need to verify your identity by answering personal questions. Once enrolled, they monitor your credit reports and alert you to any suspicious activity.
If you spot fraudulent accounts, you can call Kroll for help disputing them. They also provide identity restoration support. Monitoring terms can range from 1-2 years depending on the breach.
What To Do After a Data Breach Notice
If you get a letter about a breach involving your personal data, here are important steps experts recommend:
- Contact the breached entity directly with any questions about what occurred. Verify the offer is legitimate.
- Consider enrolling in free monitoring, but evaluate the provider first. Search “[Company] reviews” to see feedback.
- Monitor your financial accounts closely for suspicious charges. Report anything strange.
- Request credit reports and check for unknown accounts. Dispute errors.
- Change passwords, especially for the breached account. Don’t reuse passwords.
- Be alert to scam calls/emails about the breach. The company should never ask for personal info like passwords.
- File a complaint with the FTC and your state AG to report the breach.
Is Kroll Monitoring Legitimate Service or another Scam?
While scams are common after breaches, Kroll is a legitimate company with extensive history in risk management services. However, based on certain reviews, their customer support and technical execution seem inconsistent at times.
Key considerations if using Kroll:
- They do require your SSN, DOB and other personal info to enroll. Make sure the offer is authentic before providing it.
- Some users report frustration verifying ID or accessing accounts on the site. Be persistent.
- Reviews cite long hold times and poor support from overseas call centers occasionally. But overall service seems decent.
- If you have issues, ask for a supervisor. Document names.
- Don’t rely solely on monitoring. Also order credit reports and consider freezes.
- Be cautious of Kroll forwarding your info to partners or entities besides credit bureaus. Ask them about data handling policies.
- Weigh alternatives like your bank’s monitoring or LifeLock if you prefer.
How To Avoid Data Breach Notice Letter Scams
With rampant scams pretending to be from breached companies, approach any notifications carefully:
- Verify the source. Scammers often spoof legitimate logos and branding.
- Call the company directly at an official number to confirm breach details before clicking links or providing info.
- Watch for urgent demands, threats, or requests for financial info, account numbers, or passwords. These are red flags of a scam.
- Review the enrollment site’s security (HTTPS, Norton Verified). Avoid non-secure pages.
- Search for recent news on the breach to confirm it’s real.
- See if others received the same notice in breach forums. Scammers target individuals.
- Consult with your state AG if unsure. Report suspected breach scams.
Stay Protected After a Breach
- Regularly review credit reports and financial statements.
- Set up fraud alerts and consider credit freezes. Kroll’s monitoring alone is not enough.
- Change online account passwords frequently, especially for breached sites.
- Use multifactor authentication whenever possible.
- Limit sharing of personal information online or over the phone.
- Use encrypted email services.
Though not perfect, Kroll is a legitimate service to consider after a breach. But rely more on proactive measures you control to protect your identity. Evaluate all options thoroughly before providing sensitive information.