The latest online hack at Equifax, which has compromised the personal information of as many as 143 million Americans has left many baffled as to how companies protect the information of their customers. Equifax has created a security website detailing the breach and offering advice on follow-up actions for consumers. People’s names, Social Security numbers, birth dates and addresses were among the identifying information that were stolen, the company said. While data breaches seem all too common these days, for those who don’t understand what is happening, here’s a basic breakdown of what a security breach is and why they’re so destructive.
The truest definition of a data breach is “…an incident in which sensitive, protected or confidential data has potentially been viewed, stolen or used by an individual unauthorized to do so. Data breaches may involve personal health information (PHI), personally identifiable information (PII), trade secrets or intellectual property.”
Essentially, data breaches are terrible and despite our great leaps in technology security, they still happen all too often.
In 2013, retail giant Target was the victim of a large-scale data attack, which exposed 40 million debit and credit card accounts. Yahoo was attacked by hackers between 2013 and 2016, exposing the data of customers of its services.
Data breaches do not discriminate, but a few things are certain: they are destructive, they are expensive, and they can wreck a company and brand. Symantec and the Ponemon Institute estimated in an analysis that the average total cost of a data breach is nearly $200 per record affected.
There are a few reasons why data breaches happen, but the crux of the issue is someone, somewhere, wants access to personal data, usually for personal information that can be used for purchases, credit accounts, and more. Hackers also rely on other sensitive information—name, email, address, or social security numbers, — for selling purposes to turn a profit.
Hackers search for this data because it can be used to make money by duplicating credit cards, and using personal information for fraud, identity theft, and even blackmail.
People are affected when their records were part of the information stolen from big companies. In such cases, it is best to take note of the following practices:
- Notify your bank. Verify your account details and change PIN codes.
- Double check email addresses from incoming emails. Cybercriminals can pose as bank representatives and ask for credentials.
- Do not click suspicious looking links or download files from unknown sources.
- If credentials or financials have been tampered, contact the breached company and ask if they can assist in enrolling in a fraud victim assistance program.
Data breaches are silent attacks, which is why relying on the latest security features, whether for merchant accounting and computing, or storing data, can help to mitigate these risks.
Properly disposing data is another way to prevent a data breach. In addition to investing in the latest encryption technologies, companies should always rely on hard drive destruction services through the use of commercial shredders. Data is impossible to retrieve once it has been pulverized through shredding trucks, which is just one small measure in the fight against data theft.
You Might Also Like:
- 5 Ways to Improve Data Security Today
- Heads Up, Small Businesses: Take Your Data Security Seriously
- Data Hoarding? Shred Those Drives and Unused Documents
- The Yahoo Data Breach: What Have We Learned?