Data Breaches 101: When, Not If
Updated: Feb 19, 2019
2017 was dubbed “the year of the data breach” with over 1,579 breaches and 16.7 million cases of identity theft. Now, we hear this term “data breach” frequently in the digital world we occupy, but what does it really mean? What are some of the risks associated with it? What can you do as an ordinary person to protect yourself?
What exactly is a data breach? A data breach is simply that… a breach of data. It is one of the many reasons we even need to worry about cyber-security. An internet data breach is a cyber-incident in which sensitive information is stolen from a computer system without the knowledge of the owner. Let’s analyze that a little closer. A cyber-incident is an incident involving a hacker who targets a company’s or an individual’s computer system. The sensitive information targeted may include credit card numbers, social security numbers, emails, phone numbers, passwords, dates of birth, and a host of other information you probably wouldn’t want to fall into the wrong hands.
Let’s look at the top three data breaches of 2017:
In September 2017, Equifax, one of the top three credit reporting agencies in the nation, admitted to a data breach that exposed the data of 143 million customers. Within the breached data were full names, dates of birth, social security numbers, addresses, and over 200,000 credit card numbers.
In July 2017, Verizon admitted to a data breach that exposed over 14 million Verizon customers. The data that was breached included names, PINs, and phone numbers. This is all a person needs to access a phone account.
In November 2017, Uber admitted to a data breach that occurred in October 2016 which exposed the records of over 57 million riders and drivers. They further admitted to having paid the thief $100,000 to keep the data breach quiet and to keep the data safe. Among the data breached were emails, phone numbers, names, and several of the drivers’ license numbers.
These are just the big three of 2017. Numerous other companies have experienced data breaches, including Target, Amazon, Walmart, and many more. Basically, if you have ever been into a store or purchased anything, your data has been exposed. The odds of your personal data now being sold to an identity thief is no longer a matter of if, but when.
Why are data breaches really a problem? The biggest problem from data breaches is identity theft. When a hacker achieves a data breach, he is able to gather a host of information from potentially millions of people all at once. The thief can then sell that information on the dark web to identity thieves who take the information and use it to get government benefits, jobs, tax returns, and new credit cards in your name. Audra Schmeirer, while an extreme case, is a prime example of what an identity unguarded can do to you. She had 81 people in 17 different states using her one social security number, and the only reason she found out was that she received a tax audit that stated that she owed about $15,000 in back taxes. While the primary breach target may be companies, the real target is individuals.
What can you do about it? You’re a little fish in a big sea of corporations and complicated cyber-security networks, and you as a customer are constantly having to rely on the honesty and cyber-consciousness of other people. There are, however, some things you can do to take your own safety into your own hands.
1. The first step is awareness. Be aware of what a data breach is, what the hacker is after, and ways you can work to prevent it. Congratulations, if you have actually read this blog, step 1 is complete.
2. If you are an employer, train your staff to prevent data breaches. 15% of data breaches are because of employee error or negligence. While that may not be the. Highest percentage, it is still something, especially since about 30% of your client base will leave after a data breach.
3. If you are an employee, take the initiative to make yourself aware and educate yourself on prevention techniques. As an employee, it is your duty to make yourself educated to minimize the risk that you provide to your employer.
4. If you receive a “fishy” email, do not click on anything within the email. Typically, a phishing email has a link attached to an insecure website that asks for sensitive information. Do NOT click on the link. Always verify the identity of the sender through a phone call or a separate email address.
5. Purchase some form of ID monitoring and restoration program. We recommend IDShield as the most benefit for the least cost. For just $9/month, you have access to a program the levels the playing field for the little fish. IDShield guarantees that they will spend up to $5 million to restore your identity to a pre-theft condition. They watch black-market chatrooms where data is bought and sold, for any of your information. They also monitor your credit cards, social security numbers, medical IDs, driver’s license number, passport number, email addresses, and social media sites (for risky information).
Data breaches are unfortunately part of the digital world we live in, but there are steps we can take to minimize the risk to ourselves, our families, and our employers.