No One Is Safe From the Data Breach Epidemic
Another day, another data breach… or so it seems when news of massive new data breaches appears in the news. As technology progresses it becomes easier to house and analyze increasing quantities of data, with a corresponding increase in the scale of cyberattacks.
Data breaches damage business reputations and hurt consumers in many ways. The data security industry has become a major niche sector, and the data security price tag has become a considerable expense for most companies. Cybercrime is a highly profitable industry and costs a company on average of $3.92 million per incident according to IBM.
What Is A Data Breach?
According to Norton, a data breach is a security incident in which information is accessed without authorization. Data breaches are not just caused by outright ‘hacking’ where cybercriminals use exploits or other targeted attacks for the express purpose of gaining access to information. A data breach can also occur when personal information is accidentally exposed through non-criminal means.
What Information Do They Steal In Data Breaches?
The short answer is ‘everything they can’. Full names, credit card numbers, Social Security numbers, and other financial information are regarded as the jackpot for an immediate payday. Other personal data that might be gleaned from membership lists or social media such as preferences in travel, cars, or lifestyle may initially be worthless, but hackers can, and do, use such low-key personal details for social engineering of malware attacks or identity theft.
The Type Of Stolen Data Matters
It’s quite easy and quick to cancel and replace stolen credit cards, and if you learn of a breach in which credit card details were stolen early enough it’s conceivable to beat the criminals to the goal post.
However, when your Social Security number gets compromised in tandem with other unique, sensitive personally identifiable information (PII) with a long term value that never expires, they can do a lot of mischief before you stop them.
The medical industry seems to be a top target. Apart from your SSN, your private health information (PHI) seems to be very effective for shaping social engineering campaigns, phishing and spear phishing attacks, and identity theft and can be used multiple times before it is discovered.
Stolen medical information can also be used to get ahold of prescription drugs, obtain expensive medical care for an uninsured patient, or file fraudulent insurance claims. Hackers can obtain credit using your credentials, and either go on spending sprees leaving you with massive debt, or keep returning to the well for small amounts. They can even obtain government-issued documents such as a driver’s license or a passport.
Is There A Data Breach Epidemic?
Most computer users are familiar with the term ‘phishing’. Will anyone who has not received a COVID-19-related lure recently please raise your hand? No hands? The trend has been steadily accelerating, and the worst is yet to come.
Phishing agents use a generic approach to lure users into their web and just spread the bait across as many email addresses they can find. However, ‘spear phishing’ is a (phishing) campaign aimed at a specific company. A criminal will research individuals at the target company to identify IT power-users and other people who may have access to the kind of information they need to obtain trade secrets or for database penetration.
Domain registrars are recording the listing of thousands of domains with keywords like ‘relief,’ ‘stimulus,’ ‘rebate,’ or ‘refund.’ Both individuals and organizations can soon expect a barrage of phishing lures like: ‘New funding measures,’ ‘How to get your relief check,’ or, ‘Your company qualifies for additional funding.’
Hackers will, without a doubt, successfully penetrate many organizations in the coming months. The COVID-19 pandemic is an opportunity for cybercriminals to peel open small, medium, and large companies like tins of sardines to flood the market with updated, fresh new personal data.
How Can I Defend Myself?
Assume that your personal information will be stolen within the next year. Start with the steps outlined below and diligently monitor your online life.
1. Don’t use your credit card online
There are several ways to pay for things online. A cryptocurrency is a secure form of payment. You can buy a gift card for most retailers and e-commerce businesses, or use an e-wallet or virtual debit card service like Privacy or Blur.
2. Stay up to date with data breaches
Most states require companies to inform customers of data breaches in which their personal information has been exposed. However, that still leaves the other half of the data breaches which go unreported or unremarked. Subscribe to a service like the highly regarded Have I Been Pwned for more peace of mind.
3. Actively monitor your financial records
Act immediately if you notice unfamiliar activity. Financial irregularity from data breaches often appear much later and the damage may be low-key and incremental. There have even been cases of people buying houses and immediately reselling them under someone else’s name as a way of laundering money.
4. Get a complete data profile regularly
This is doubtless the easiest way to find irregularities. Data aggregators use remarkably advanced custom search tools to fetch information legally from all corners of the internet. Their search queries can find credit checks, social security data, criminal records, driver licensing, and any other information that appears online.
They flesh out the hard data with knowledge gleaned from social media platforms. They can spot tagged photographs, comments on public discussion forums, mentions in local news publications and articles, and many other bits and pieces from the internet. In this process, they unwittingly but invariably pick up information that was revealed in data breaches.
Your deep-dive personal profile can be alarmingly complete, and will unquestionably contain highly personal details. Nuwber clients use their reports to spot strange activities.
Remember that identity theft takes place for many reasons other than stripping your credit card for quick financial gain.
Discovering that you recently got married on your trip to Egypt may be cause for concern if you’ve been working away quietly at your desk in Sitka, AK…
I hope you got value from reading No One Is Safe From the Data Breach Epidemic.
Engage with us about this article on Twitter. Tweet any questions or comments to @ThorupMikkel!
Data breaches damage business reputations and hurt consumers in many ways. The data security industry has become a major niche sector, and the data security price tag has become a considerable expense for most companies.
— Mikkel Thorup | Author & Podcast Host (@ThorupMikkel) June 30, 2020
Like Our Articles?
Then make sure to check out our Bookstore... we have titles packed full of premium offshore intel. Instant Download - Print off for your private library before the government demands we take these down!