These 5 actions can help protect your personal and financial data

Recent actions by the Department of Government Efficiency to access internal computer systems and databases at many federal government agencies, including the Treasury Department, Internal Revenue Service, and Social Security Administration, have sparked debates about privacy and data security. 

“There’s always inherent risk in having sensitive information at a government agency because they’re ultimately responsible for protecting it and moderating who actually has access to it,” said Steve Grobman, chief technology officer at the cybersecurity firm McAfee.

DOGE is not a federal agency, and billionaire Elon Musk, whom President Donald Trump brought on board to implement the DOGE initiative, is not a federal official. Yet, since its establishment, DOGE has sought access to software and IT systems at federal government agencies to “maximize efficiency” and cut spending.

Critics say there has been a lack of transparency about exactly how personal or financial information is being used and whether it is being kept secure — although Musk has said DOGE’s actions are “maximally transparent.” Meanwhile, several lawsuits have been filed to block DOGE’s access to sensitive personal data.

Cybersecurity experts say that protecting your personal and financial information should be part of a strategy to take care of your overall financial well-being, regardless of the political climate.

“For people who are concerned about the security of their data collected and stored by the federal government, our advice is the same as any other time or circumstance,” James  L. Lee, president of the non-profit Identity Theft Resource Center, said in an emailed statement. 

“There are actions you can and should take to protect your personal information, no matter what organization is collecting and storing it — from the corner market to local doctors to government agencies at all levels. Personal information is always at risk of identity misuse,” Lee said.

Here are five actions cybersecurity experts recommend you take now:

Freezing your credit will block access to your credit report and prevent anyone from opening new accounts in your name. Then, if someone gets your Social Security number or other private information, they can’t take out a loan or open a credit card.

You must contact all of the three major credit reporting agencies — Equifax, Experian, and TransUnion — to freeze access to your credit with each. The process only takes a few minutes, and it’s free. Just make sure to temporarily unfreeze your credit before you apply for a new credit card, loan, or mortgage.

Take the time to review your credit reports from each of the credit reporting agencies to make sure there are no errors or signs of identity theft. You can get a free copy of your credit report from each of the bureaus weekly by going to annualcreditreport.com.

You may not need to check your reports every week, but it’s important to review your credit history at least quarterly to ensure there are no issues.

If you don’t have one already, create a “My Social Security” account on the Social Security Administration’s website to check your earnings records, get estimates of your monthly retirement benefits and manage current benefits. Review your statement, download a copy and contact the Social Security Administration if there are any mistakes. Establish your account now to ensure no one else does so in your name. 

“Keeping a local backup of your Social Security statement, credit history [and] student loan payments is always a good idea, and doubly so as the future is unclear at so many of the administering agencies,” Emory Roane, associate director of policy at the non-profit Privacy Rights Clearinghouse, said in an emailed statement.

The IRS allows consumers to proactively request an identity protection PIN (IP PIN) — a unique six-digit number — to use when filing your tax return. The IP PIN verifies your identity when you file an electronic or paper return. It prevents someone else from using your Social Security number to file a fake return, possibly stealing your refund. 

McAfee’s Grobman recommends that consumers make sure that “sensitive data that they have control of goes to the minimal number of places possible.” 

“Setting up multi-factor authentication, the various secure ID and PIN capabilities that the IRS offers, is absolutely critical to helping ensure that only you or your designated tax preparer is accessing that sensitive information on government systems,” he said.

Create a “passkey” for any online account that offers one for enhanced security. A passkey is a string of encrypted data that you can access with a face scan, fingerprint, or PIN. Use multi-factor authentication — like a password plus a code — if you can’t add a passkey. Don’t reuse passwords.

Instead, Lee, of the Identity Theft Resource Center, recommends you “use a password manager to create and remember a different password for every account. Google and Apple offer free password manager apps, and password managers are included in Safari, Chrome, Edge and other major web browsers.”

SIGN UP: Money 101 is an 8-week learning course on financial freedom, delivered weekly to your inbox. Sign up here. It is also available in Spanish.