On July 29 Capital One announced a major data breach affecting 106 million customers. They tried to assure customers saying it is “unlikely that the information will be used for fraud or be disseminated by the hackers.” Hopefully that’s true. But Capital One is only the latest company to fall victim to a major security breach, and it will certainly not the last.
The 21st century has already seen some of the biggest data breaches in history. Here is a partial list compiled by CSO Security News:
• Yahoo 2013-2014—3 billion accounts affected
• Marriott International 2014-2018—500 million accounts affected
• Adult Friend Finder 2016—412 million accounts affected
• eBay 2014—145 million users compromised
• Equifax 2017—143 million consumers exposed
• Heartland Payment Systems 2008—134 million credit cards exposed
• Target Stores 2013—110 million customers compromised
A list of major data breaches so far in 2019 shows 85 incidents as of August 9. And now Capital One. Most have probably heard about the Facebook and Instagram incidents in April and May, respectively. But have you heard about the My Pillow, Dunkin’ Donuts, or Dow Jones breaches? Maybe not.
So, with potential exposure seeming to increase every day, what’s an individual to do to protect themselves? Unfortunately, there is not a lot one can do to prior to a major breach. Maybe crawl under a rock, never get a social security card, never drive a car, and pay only in cash. Beyond that, you’re exposed. It’s knowing what steps to take after potential exposure that’s important. Here are some suggestions:
1. Pay attention to the news. If you are a potential victim, the company will notify you eventually. But don’t wait.
2. Try to figure out exactly what type of data was compromised.
3. Don’t panic (completely) but certainly be concerned. Companies are usually responsible for fraud charges or stolen account numbers. However, breaches often lead to other more serious consequences such as stolen identities and computer hacking.
4. Check the company’s website or contact them if you think you may be affected by their breach.
5. Never trust any correspondence about a breach that comes to you personally and is unsolicited. Independently verify the source using publicly obtained contact information.
6. Freeze your credit or establish fraud alerts on your credit reports. They are a prime source of obtaining information to open phony accounts in your name. Contact all three credit reporting agencies—Experian, Equifax, and TransUnion.
7. Cancel or close any credit cards or bank accounts if you reasonably believe they were or could be compromised.
8. Change all passwords, codes, and security questions on all accounts and devices. You should be doing this regularly anyway.
9. Get your free credit report at annualcreditreport.com.
10. Carefully monitor all your account statements.
11. File tax returns early to preempt any identity thief who may try to file for you.
12. If you have been exposed in any way, be on high alert for scammers. If they have your information, they may very well try to take advantage of you. And some of them sound very legitimate.
We are all potentially exposed by data breaches and avoiding that exposure is virtually impossible. But be alert, know what to do. and react immediately if you become a potential victim.