Don't become complacent with cybersecurity

Updated August 19, 2019
Don't become complacent with cybersecurity

Data breaches have become uncomfortably common. In the past five years, more than six billion user accounts were hacked during the six biggest data breaches alone. With hacker attacks occurring every 39 seconds in the US, it’s easy to become despondent and complacent about cybersecurity.

Even though you may have already been the victim of a data breach, you still need to stay vigilant every single day. After your data is stolen, it is often sold on the dark web.

There are five key targets the biggest data breaches in modern history share.Monitor with personal data on it

  • Your full name
  • Email address
  • Physical address
  • IP address (each computer on the internet has a unique numerical ID defining it's physical location.)
  • Credit card information

We asked Norm Hinman, cybersecurity administrator for the City of Roseville, for his advice about staying safe in the face of seemingly endless cyber-dangers:

  • After so many data breaches, is there any practical reason for users to continue cybersecurity practices? Isn’t all my information already out there? Why should I care? You should care because every breach is different.  If you haven’t switched to strong and different passwords for every system you log into, the next breach or even a previous breach could provide thieves with passwords needed to access your email, your bank accounts, retirement accounts, credit card logins, etc.  You may want to consider using an ID theft protection subscription. This service will send you a notification if you are the victim of a new breach and to check if your email was involved in any previous breaches.
  • There’s been thousands of cyber-attacks in the past few years, and I haven’t noticed any direct effect on my life or my family.  Should I be concerned?  Much of the stolen data from these hacks and data breaches is up for sale on the Dark Web.  Years after the initial breach, it can be purchased and used to attack you.  Maintaining vigilance is essential to protect yourself should your data be used in a future attempt to steal your identity.
  • What’s the best course of action for me moving forward? You can secure all of your existing logins by using different strong passwords on each system and by enabling a multi-factor authentication such as Google Authenticator. Going forward, continue to follow safe-computing practices for all new accounts you set up. You can’t change your past, but you should care about how easy it is for strangers to access existing data. Information about your past such as family history and past addresses can be used to steal your identity by enabling criminals to answer password reset questions, etc.  For now, the U.S. does not have laws to prevent data brokers from compiling and selling information about you. What you can do is request them to delete your information. There are many of these sites and each of them seems to have a different procedure to request deletion of your data, but it is worth doing to protect yourself. Here is a list of data brokers and links to their opt-out forms.

Everyone needs to take steps to protect their personal information.  A good start is to request a copy of your credit report from each of the three major credit reporting agencies—TransUnion, Equifax, and Experian.  Only one website is authorized to fill orders for the free annual credit report under Federal law — annualcreditreport.com.  Federal law allows individuals to get a free copy of their credit report every 12 months.  Examine your report to ensure that the information is correct and up to date.  Reviewing credit reports helps to catch signs of identity theft early.