Published: January 02, 2018
3 Minutes

How to Report Identity Theft to the Credit Bureaus


Alison Grace Johansen

Contributing writer

+ More
Man making a phone call to report identity theft to the credit bureaus.

Identity theft affects millions of Americans every year. Given the possible resulting damage, it makes sense for a victim to take quick action to resolve the situation. And while this can involve several steps, a key one is alerting the credit reporting agencies, also known as credit bureaus

If someone has your personal information, or if it was exposed in a data breach, you want to do what you can to help protect your identity. With your information in hand, criminals may be able to open fraudulent credit accounts in your name, possibly damaging your credit history. Placing a fraud alert on your credit files can help thwart such activity.

In this article, we’ll tell you how to notify the credit reporting agencies and what to expect once you do.

The three credit reporting agencies

Equifax, Experian, and TransUnion are the three major U.S. credit reporting agencies. Each of them collects information about you and how you use credit, as well as whether any business has turned your debt over to a collections agency or you’ve filed for bankruptcy. Because the agencies are so involved in your credit activity, it’s important to notify them if your identity has been stolen—as identity theft can lead to abuse of your credit, and you want to try to keep that from happening.

Major U.S. Credit Reporting Agencies

Equifax Experian TransUnion
Equifax Alerts
Equifax Consumer Fraud Division
P.O. Box 740256
Atlanta, GA 30374
Experian Fraud Center
P.O. Box 9554
Allen, TX 75013
TransUnion Fraud Alert
TransUnion Fraud Victim Assistance Dept
P.O. Box 2000
Chester, PA 19016

Fraud alerts

If you’re concerned about identity theft, perhaps because your personal information has been exposed in some way, contact at least one of the three reporting agencies and request an initial fraud alert be placed on your credit file. If you contact one agency, it’s supposed to contact the other two for you, but it doesn’t hurt to contact all three agencies yourself.

An initial fraud alert lasts 90 days and, during that time, can make it harder for an identity thief to open accounts in your name. That’s because a business must verify your identity before it issues credit to the person requesting it.

You can apply for an initial fraud alert in all the ways listed below (phone, online and mail). These 90-day alerts can be renewed every 90 days, but you’ll have to remind yourself to do so. Otherwise, they’ll expire.

Keep in mind that if your Social Security number has been exposed, it might not be used to commit identity theft until years later, so a 90-day alert may not be the best option. It’s worth noting that, unlike credit card numbers, Social Security numbers aren’t easily replaced.

Another kind of fraud alert is the extended, or 7-year, alert. It’s available only by mail (or fax) and for only identity theft victims who provide a copy of their identity theft report from a federal, state or local law enforcement agency.

Here’s how you can contact the credit reporting agencies to request a fraud alert, using the contact information in the table above:

Requesting a fraud alert by phone

If you prefer reaching out by phone, you can call to request a 90-day fraud alert, but not an extended (seven-year) alert. Your call will likely be answered and handled by an automated system, so don’t expect to speak with someone. When you call, be ready to provide your Social Security number, mailing address to which your bills are delivered, and birthdate.

Requesting a fraud alert online

Each of the three credit bureaus has an online webpage dedicated to helping victims of identity theft.

When you visit the agencies’ websites, each allows you to fill out forms online. You can choose to place a 90-day fraud alert or seven-year fraud alert. Again, the extended fraud alert requires that you submit a police report, indicating you’re an identity theft victim.

Requesting a fraud alert by mail

If you prefer contacting each credit bureau by mail to request a fraud alert on your credit report, you’ll have to provide each bureau with a cover letter outlining your request and proof of your identity.

The ITRC provides forms and other information that you should include in these requests for both a 90-day fraud alert and a seven-year fraud alert. You also should send your letters via certified mail with Return Receipt.

Request and review a copy of your credit report

After placing the fraud alerts, request a free copy of your credit report from each agency. Since each agency’s report may differ, it’s important to look at all three to help ensure you’re not missing anything important. Review the reports carefully to make sure there are no new occurrences of identity theft. If you place your fraud alert online, they should send you an email or prompt you to view your credit report online for free.

Should you freeze your credit?

If you’re seeking an extra layer of protection, you may want to consider freezing your credit reports. A freeze will:

Help block new lines of credit

  • Provide further protection from thieves getting credit in your name

  • Limit access to your credit report

    While a fraud alert requires businesses to verify your identity before extending a new line of credit, a credit or security freeze prevents anyone—even you—from obtaining new credit until the freeze is lifted. While fraud alerts last for 90 days or seven years, most credit freezes hold until you release them. (In a few states, a freeze expires after seven years.)

    Credit freezes are usually free in most states to identity theft victims. For others, they cost $5-$10 and must be placed separately at each credit reporting agency.

    If you’re an identity theft victim, the sooner you take the necessary steps to stop fraudsters from continuing to use your identity—and resolve the issues resulting from being victimized—the better.

    Editorial note: Our articles provide educational information for you. LifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.

    Dropbox Not Hacked, But Your Account May Have Been Compromised
    Dropbox said no breach had happened on its servers. “Your stuff is safe. The usernames and passwords…were stolen from unrelated services, not Dropbox.
    Read More
    What Is the Dark Web and Other Deep Web Terms
    Check out this expansive glossary of terms to gain a better understanding of how the dark web works.
    Read More
    What Is Medical Identity Theft?
    Medical identity theft occurs when someone steals your personal information and uses it to obtain medical services, treatment or drugs. Learn more.
    Read More
    What Is Shoulder Surfing?
    Shoulder surfing can lead to financial wipeout—yours. What is shoulder surfing? A dangerous sport, if you’re the victim.
    Read More

    Start your protection,
    enroll in minutes.

    Get discounts, info, protection tips, and more.

    Sign up for promotional emails.