Corporate Data Breaches: What They Mean and What You Can Do

If you’re an American consumer, you can pretty much assume your personal data has been compromised in some way by online opportunists.

Last year alone, some 12 billion records will have been stolen by cybercriminals, with that number expected to reach 33 billion by 2023. The unfortunate fact is that nearly 60 million Americans have already been affected by identity theft.

“Any data point you share with a company will in all likelihood eventually be hacked, lost, leaked, stolen or sold — usually through no fault of your own,” notes an article on Krebsonsecurity.com. “If you’re an American, it means (at least for the time being) your recourse to do anything about that when it does happen is limited or nil.”

In the last few months alone, the following major breaches have taken place:

• Marriott: In what’s considered the second-largest data breach in history, information from at least 500 million guests of the hotel and hospitality chain (dating back to at least 2014) was compromised in November. The leaked info includes names, phone numbers, email addresses, passport numbers, dates of birth, credit card numbers and card expiration dates.
• Dunkin' Donuts: In October, a hacker accessed names, email addresses and account information of an unknown number of customers.
• Atrium Health: In November, data from at least 2.65 million patients was compromised, with breached information spanning payment information, names, physical addresses, DOB, insurance policy information, medical records, balances, dates of services and some 700,000 Social Security numbers.
• Dell: The company warned in November that adversaries had attempted to access customer names, email addresses and hashed passwords.

While much of the risk is beyond your control in our complex and rapidly evolving digital society, there are still steps you can take to protect your personal and financial privacy as much as possible. Consider the following suggestions from top security experts.

• Take advantage of your legal right to receive free annual copies of your credit report from the top three reporting agencies, then scan them for any fraudulent charges, opened accounts or problematic financial situations.
• If you know or think your financial data has been compromised, you can place a free, temporary credit freeze on your credit reports. That prevents thieves from opening new accounts in your name, since new creditors need that information to approve new lines of credit.
• Set fraud alerts with the three major credit bureaus. If they know your identity may have been compromised, the three major bureaus will take extra steps to identify anyone trying to open accounts in your name. Be sure they have your current contact info in case they need to reach you to report suspected fraud.
• Install a credit-monitoring app. A number of convenient free tools can regularly check your credit rating to ensure a fraudster hasn’t left black marks on your name.
• Run regular virus scans on your smartphones, tablets and computers. Data from 2017 indicates 16 million households experienced a serious virus problem between 2015 and 2017 alone, with 1 million losing money or seeing compromised accounts as a result.
• To make identity theft harder for cybercriminals, regularly change passwords for your email accounts, social media, corporation accounts and financial institutions — and try to maintain different passwords for each. That requires extra organization on your end, but it can go a long way toward thwarting theft across many of your accounts at once.
• Make a point of regularly monitoring your financial accounts, credit cards and bank statements for fraud.

Identity theft is a fact of life for most Americans these days, but there are still precautions we can take to become aware of fraud as soon as it happens and attempt to minimize the damage.

Learn more about how to protect your finances.