Cybersecurity Data Breach

It’s a Trap! – Data Breach Fatigue

It seems like we cannot go a week without hearing about a new data breach that has compromised user accounts, credit cards, or health information. The constant news about our personal information being stolen has led to a phenomenon dubbed “data breach fatigue”. Simply defined, data breach fatigue is “the idea that consumers have become inured to the effects of data breaches and are less motivated to do anything to protect themselves”. It’s the point where we simply accept that our information is not safe and we stop having the expectation that companies we entrust our data to will keep it safe. According to Privacy Rights Clearinghouse, there have been more than 9,000 data breaches since 2005, which equals about 1.77 data breaches per day, and those are just the data breaches reported in the United States.

Data breach fatigue has become such an issue that 35% of people that have had their information compromised in a data breach do not take any steps to change their passwords following the breach. And over half of us have had our personal information stolen in a recent data breach.

What Can Happen with Your Information

If your social security number is stolen, it can lead to not only identity theft but also fraudulent tax returns and stolen tax refunds in your name. It can even lead to medical fraud and health insurance fraud.

While fraud protection on credit cards can protect you if the card number is stolen, those that have their debit card numbers stolen can face financial hardships as they go through the process of fraud report filings and trying to get money taken directly from the bank account.

Besides fraud and monetary losses, there is the time and effort to be considered when fighting identity theft; speaking to bill collectors, filing police reports, and submitting reports to credit monitoring agencies; none of which is fast, easy, or fun.

And if your name and email address are stolen, you can start receiving specially crafted phishing emails that could lead to financial losses or account compromise.

Data Breaches Can Affect Kids Too

Following the Equifax data breach checker, a family decided to check their entire family’s information and were surprised to see that their 7-year-old son’s information had been compromised.

The theft of a child’s identity is lucrative to cyber-criminals because the theft can remain undetected for years, if not decades. Without regular monitoring, a child’s identity that has been stolen may not be discovered until they are preparing to go to college and start applying for student loans or get their first credit card. By then, the damage is done, and the now that young adult will need to go through the pain of proving that their identity was indeed stolen.

A 2011 report found that children are 51% more likely to be the victim of identity theft than an adult. It was found that one of the victims was only five months old and another teenager had over $700,000 in debt in their name.

Last tax season, cyber-criminals on the DarkWeb were found to be selling the social security numbers of infants for just $300 per social to be used on fraudulent tax returns. While data for children has been on sale for many years, it is the first known instance where hackers are specifically targeting newborns and “fresh” social security numbers.

How Can You Protect Yourself?

There are several things you can do to protect yourself from widespread impacts of data breaches or if your information has been compromised.

  1. Use unique passwords for each account – having a different password for each website or online account will help if one of those accounts is compromised because it means that only that one account is affected. We are notoriously bad about recycling and reusing passwords but with a trusted password manager such as KeePass or LastPass, you can easily track and manage your passwords.
  2. Use credit monitoring services – if your information has been compromised, you are likely eligible to receive up to two (2) years of credit monitoring services free-of-charge. But even after the initial free period, plans are fairly inexpensive, many ranging less than $20 per month for the entire family.
  3. Provide only required information to websites – when asked optional information such as address or phone numbers, don’t feel obligated to provide them unless you want the company or its partners to contact you,
  4. Consider a credit-freeze – if you are not actively opening credit card or loan accounts, you may want to consider placing a freeze on your credit. This will prevent fraudsters from being able to open accounts in your name and will alert you if there are attempts to open accounts. You can easily remove the freeze if you need to apply for a new line of credit.
  5. To protect yourself against phishing attacks, never enter your personal information after following a link from an email. Instead, go directly to the website of the bank or company that sent you the email.