Follow by Email

Wednesday, February 18, 2015

There’s been a breach

The morning’s news related yet another story about a major electronic breach into some of the world’s largest banks computer systems. Since the fall of 2014 it seems like every month we hear about a new breach. If not banks then major retailers or healthcare systems. The private information we entrust others to keep safe is being violated on a regular basis.

Try as you might to stay off the “grid” by paying cash, getting paper statements, or banking in person, eventually you will be a victim of identity theft or some sort of financial intrusion. Either because of convenience or because a utility or bank demands you use an electronic system, it is difficult to navigate in today’s world without having some portion of personal data stored on some institution’s computer.

Personal data

Ever check out at a store that you shop infrequently and they ask for your address, phone number, or name, and you’re in their system? Freaky right? At some point you’ve provided them with your personal information. Larger companies own smaller companies…your personal data is bought and shared daily.

Tax season is upon us and it’s a good bet that when you file your taxes, electronically of course, your return will be rejected by the IRS because, surprise, the return associated with your social security number has already been filed. 

The IRS estimates that more than 550,000 falsified tax returns have been filed in the last seven years. When your SSN has been compromised the IRS issues you an electronic identification number for future filings. This solution should keep your tax information safe, as it is a unique number. But so was you’re your SSN at the time it was generated.

We use to worry about someone stealing a driver’s license or credit card. If that didn’t happen you didn’t have much to worry about. Years ago, while working as an undercover detective, and when I say “years ago” I mean before there was a computer in every home and a world wide inter web of computers.  A senior administrator had a briefcase stolen that contained contact information for all of the detectives. Not just name and phone numbers but addresses, birthdays and yes the coveted social security number. Not sure what we called it then, but it wasn’t a breach. But in today’s terminology, the breach compromised so much personal information what could one do? You couldn’t completely change everything. In those days though we were more concerned with operational security than identity theft. Yes, identity theft occurred, but not on the level or frequency as today. Plus, the criminals at that time weren’t as sophisticated in that skill set as they are today.

We knew that if we worked hard and fast to recover the documents, we could determine the extent at which the information had been distributed. The faster the culprit was caught, the less chance the information could be distributed. Today, your information can be stolen from a third party vendor’s database by a criminal in another country and uploaded to a distribution network all from a keyboard, in a matter of minutes.

Document, document, document

The tenets of the paper world of long ago still hold true. Identify the breach and work fast to stop the leak.
Once you’ve identified a problem, you need to start working to quickly plug the leak. Contact the source in which you became aware of the breach-credit card, driver’s license, IRS, etc. Get that entity started on resolving the issue. File a complaint with the Federal Trade Commission, your State’s Attorney Generals Office, even the FBI if you seem to be apart of a larger breach. File local police reports also. It may seem for naught but you’ll have a record of the report and a case number to go with any other complaint filings. Most of the entities you will deal with, including law enforcement, have online complaint forms. It doesn’t take long and you can get it done in less than a day.

Document, document, document, everything you do and the entities you’ve contacted. Keep your notes for future reference.

Consider a monitoring program. There are lots of companies out there that perform this service. Of course do your research and choose wisely. If the breach occurred from a major retailer, financial, or health institution, they may offer some sort of credit monitoring or identity repair service for free. Take advantage of it.

No comments:

Post a Comment