Capital One made news last week because of a huge data breach where more than just “What’s in your wallet?” was stolen. A female hacker, who has been caught and taken into custody, obtained the personal data of more than 100 million people, one of the largest thefts ever of data from a bank.
But that isn’t even close to being the largest breach this year. That honor belongs to a large but little-known title insurance and settlement services company, First American Financial Corporation. Their data breach gave up 885 million records!
According to Wikipedia’s list of data breaches, there have been 121.3 billion records stolen in breaches worldwide so far in 2019. How do breaches happen? The most often used method of attack, accounting for 63% of data breaches, is by hackers.
Most hackers seek information they can sell or use. Surprisingly, it seems credit cards aren’t worth as much these days because there are so many stolen ones available on the dark web, and credit card accounts can be quickly closed.
Social Security numbers are worth much more than credit cards. They allow identity thieves to open new credit and bank accounts, access brokerage accounts and even obtain medical treatment. Unlike credit cards, it’s difficult to close a Social Security account.
To a hacker though, stealing health records is like striking gold. They’re data-rich, not only containing the hugely important Social Security number, but also date of birth, medical history, insurance information and maybe even the credit card used to pay bills. According to experts, a medical record is easily worth 10 times more than a credit card number.
So, what do you do to protect yourself or your company if you were affected by a data breach? We have some suggestions:
• The first thing to do is to stay calm! According to the Better Business Bureau, consumers are not liable for fraudulent charges on stolen account numbers.
• Freeze your credit with the three major credit reporting bureaus. Clark.com advises it’s the No. 1 thing you can do to protect your identity and your finances.
• Before you freeze your credit, sign up for a credit monitoring service such as CreditKarma or Credit Sesame. You must sign up before you freeze your credit, or the monitoring system won’t work.
• Check your credit card and bank statements regularly and report any fraudulent or questionable charges. Pay very close attention to your debit card account, as they do not have the same protection as credit cards. Debit cards allow money to be withdrawn directly from your bank account.
• Never provide personal financial information to unsolicited sources such as emails or phone calls. Never click on a link or open attachments, which can download malware onto your computer.
• Check with the website of the company that was breached for the latest information. Type the company name directly into your browser’s address box. Never click on a link from an email or social media message.
• Set up two-factor authentication (2FA) on all your online financial accounts. Basically, 2FA confirms the user’s identity using a combination of two different factors: 1. something a person knows, such as a password or mother’s maiden name, plus 2. something a person possesses, such as a credit card or 3. an authentication code sent by email or text.
Data breaches have become so common they often go unreported. By consistently following the steps listed above you’ll have a better opportunity to protect yourself as well as your financial and personal data.
Cheryl Parson is president of the Better Business bureau serving West Central Ohio. The BBB may be found on the Internet at www.lima.bbb.org.