Your Life And Privacy
A security breach occurs when personal information like your Social Security number, medical record, bank account or credit card number, held generally in electronic format by a business, government agency, or nonprofit organization, is exposed in an unauthorized manner.
This can happen through, for example, loss or theft of a computer or flash drive, hacking, or unintentional disclosure (a business sends an email intended for you containing your personal information to somebody else). A breach may result in criminals obtaining and using your information.
State and federal laws require breaching entities to notify breach victims. If you receive a notice, it is important to do what you can to protect yourself from further victimization:
1. Read the Notice. It should state when the breach occurred, what data was affected, and provide contact information so that you can ask questions.
2. Beware of Fraudulent Contact. Only approach the breaching entity by a phone call you make or directly through its website.
Don’t provide information to anybody who calls claiming to be from the breaching entity, or in response to an email (or a link within) purportedly from the breaching entity. These could be fraudulent.
3. Credit Monitoring Services. If the breaching entity offers free credit monitoring services, sign up. While not foolproof, credit monitoring, which monitors your credit report regularly, can pick up signs of identity theft, enabling you to stop it early.
4. Close/Re-Open. Close affected password-protected and financial accounts (bank, credit, and debit cards), including those you’re not sure have been affected, and set up new ones.
If you get an email from any source requesting additional information about a compromised account or card, do not reply. This could be a fraudulent “phishing” attempt.
5. Look for Signs of Criminal Activity. Check your credit card, bank, monthly bills or financial statements regularly for transactions you did not make. If you see signs of fraud, report this to the affected organization.
6. Check Your Credit Report. By law, you are entitled to a free annual credit report from each of the Big Three credit reporting agencies (Experian, Equifax, TransUnion). If you space this over a year, that’s one free report every four months. Check your reports carefully and follow up on errors or inconsistencies.
7. Use a Fraud Alert/Security Freeze. Consider placing a Fraud Alert or Security Freeze on your credit report through the Big Three credit reporting agencies. These can make it more difficult or impossible for a criminal to open a credit card or other account or obtain a loan in your name using breached information.
In 2011, according to the Identity Theft Research Center, a nonprofit group that tracks security breaches, approximately 23 million records were exposed. 2012 breaches include Zappos, the shoe retailer, with potentially 24 million records exposed, and Global Payments, a credit card payment processor, with ongoing investigation showing 1.5 to 7 million records breached.
While most breaches do not result in identity theft, a 2011 study by Javelin Strategy and Research found that security breach victims are more than four times likely to be victims of fraud. Don’t panic if you receive a security breach notice, but don’t ignore it. Read it and take action.