I didn't leave the house today, choosing instead to divide my time between my dissertation and the data breach / identity theft nonsense.
It turns out that the trust company that leaked the data uses part of an account-holder's SIN for their password by default. With the name, DOB, address, phone number, and SIN compromised, it's hard to see how this could conceivably be considered secure.
Meanwhile, I've costed some "solutions" for my predicament.
1. Getting a post office box that can: a) mimic a real address; b) be locked at all times, and c) actually receive mail (unlike our home, where Mari's driver's license went missing in the mail, and her passport very nearly went back to Japan). That's $220/year.
2. A credible third-party credit bureau monitoring package, $20/month.
3. Changing our home number $240. Yes, $240, because our Internet access is a DSL service that operates on the phone line. Changing the line requires days of down time for some reason, and since the service we're on is no longer offered we'd have to "upgrade" to something else, and if that's the case there's only one package we would want and that would require a new modem/router.