Data breaches have become uncomfortably common.
In the past five years, more than six
billion user accounts were hacked during the six biggest data breaches
alone. With hacker attacks occurring every 39 seconds in the US, it’s easy to
become despondent and complacent about cybersecurity.
Even though you may have already been the victim of a data breach,
you still need to stay vigilant every single day. After your data is stolen, it
is often sold on the dark web.
There are five key targets the biggest
data breaches in modern history share.
- Your
full name
- Email
address
- Physical
address
- IP address (each
computer on the internet has a unique numerical ID defining it's physical
location.)
- Credit
card information
We asked Norm Hinman, cybersecurity administrator for the
City of Roseville, for his advice about staying safe in the face of seemingly
endless cyber-dangers:
- After so many data
breaches, is there any practical reason for users to continue cybersecurity
practices? Isn’t all my information already out there? Why should I care? You should care because
every breach is different. If you
haven’t switched to strong and different passwords for every system you
log into, the next breach or even a previous breach could provide thieves
with passwords needed to access your email, your bank accounts, retirement
accounts, credit card logins, etc.
You may want to consider using an ID theft protection subscription.
This service will send you a notification if you are the victim of a new
breach and to check if your email was involved in any previous breaches.
- There’s
been thousands of cyber-attacks in the past few years, and I haven’t
noticed any direct effect on my life or my family. Should I be concerned? Much
of the stolen data from these hacks and data breaches is up for sale on
the Dark Web. Years after the initial breach,
it can be purchased and used to attack you. Maintaining vigilance is essential to
protect yourself should your data be used in a future attempt to steal
your identity.
- What’s the best
course of action for me moving forward?
You can secure all of your existing logins by using different strong
passwords on each system and by enabling a multi-factor authentication
such as Google
Authenticator. Going forward,
continue to follow safe-computing practices for all new accounts you set
up. You can’t change your past, but you should care about how easy it is
for strangers to access existing data. Information about your past such as
family history and past addresses can be used to steal your identity by
enabling criminals to answer password reset questions, etc. For now, the U.S. does not have laws to
prevent data brokers from compiling and selling information about you.
What you can do is request them to delete your information. There are many
of these sites and each of them seems to have a different procedure to
request deletion of your data, but it is worth doing to protect yourself.
Here is a list of data brokers and links to their opt-out forms.
Everyone needs to take steps to protect their personal information. A good start is to request a copy of your
credit report from each of the three major credit reporting agencies—TransUnion,
Equifax, and Experian. Only one website is authorized to fill
orders for the free annual credit report under Federal law —
annualcreditreport.com.
Federal law allows individuals to get a free copy of their credit report
every 12 months. Examine your report to
ensure that the information is correct and up to date. Reviewing credit reports helps to catch signs
of identity theft early.