Data Breaches: Why You Should Care and What You Should Do

Have you been hearing the term “data breach” in the news a lot recently? That’s because there has been a string of sensational breaches from corporate giants like Sony, Epsilon, Citigroup, and Lockheed Martin. A data breach is when a company inadvertently leaks your personal information as a result of a hack attack, lost or stolen computers, fraud, insider theft, and more. Privacy Rights Clearinghouse explains how to follow the breaches, why consumers should be concerned and what to do if a data breach happens to you.

How to Choose an Identity Theft Monitoring Service

If you’re thinking about purchasing identity theft monitoring services, there is now a “shopping guide” that will help you choose the best service for you. The Privacy Rights Clearinghouse (PRC) participated in a task force hosted by the Consumer Federation of America to develop a set of guidelines for the identity theft monitoring industry. Members of the task force, which included industry, consumer, and government representatives, researched the industry for 16 months and recently published Best Practices for Identity Theft Services (PDF). The report provides a blueprint for what identity theft monitoring services should be doing.

CFA Issues Best Practices for Identity Theft Services

On Thursday, March 10, 2011 the Consumer Federation of America (CFA) released Best Practices for Identity Theft Services (PDF) to address consumer concern about misleading marketing and exaggerated protection guarantees. Identity theft services typically monitor individuals’ credit reports for any activity, including inquiries and new accounts, and monitor public records for postings such as liens and judgments. Anomalies could be a sign that the individual is a victim of identity theft. The best practices are the result of 16 months of research and discussion by a multi-stakeholder task force that included Privacy Rights Clearinghouse (PRC) along with other consumer advocates and representatives of industry and government.

Comments to California Dept. of Public Health: Medical Information Breach Regulations

Consumers enter a hospital or another care facility in California should not have to worry that their health and financial data might end up on a social networking website, in the tabloids, in a dumpster, or in the hands of an identity thief. Yet, instances of the breach of healthcare data in California continue at an alarming pace.

Is Your Computer a Zombie?

Has your computer or smart phone become a resource to commit malicious acts against other persons and companies? By taking advantage of a wide variety of computer vulnerabilities, your device may become a zombie that is under the control of a criminal that conducts crime using electronic devices (e-criminal). Once an e-criminal has control, not only is your device being used to attack other systems, anything stored on, or typed into, that device is also compromised.

In the past the malware focused on causing harm to the device such as making it crash or capturing keystrokes for the purpose of gaining access to bank accounts or credit card information.  As e-criminals continue to evolve their destructive goals and increase damage to their targets, they realized the need for substantial computing resources and a way to avoid being detected.  To achieve both of these goals, malware was developed enabling e-criminals to take over network-attached devices; a very cost effective solution!

500 Million Sensitive Records Breached Since 2005

The most recent total from the Privacy Rights Clearinghouse’s Chronology of Data Breaches shows more than a half billion sensitive records breached since 2005, leaving Americans vulnerable to identity theft. Employees losing laptop computers, hackers downloading credit card numbers and sensitive personal data accidentally exposed online -- the Chronology of Data Breaches shows hundreds of ways that the personal information of consumers is lost, stolen or exposed. The Chronology of Data Breaches, a project of the Privacy Rights Clearinghouse since 2005, lists incidents involving breached consumer information, such as personal medical records, credit card numbers and Social Security numbers.

The most recent total, published August 24, 2010, is a wake-up call to consumers who think identity theft can’t happen to them. The Privacy Rights Clearinghouse estimates that the Chronology shows only a fraction of the total number of data breaches.

Disasters and Your Privacy

Nobody likes to think about the possibility of a natural disaster or a terrorist act.   But as victims of natural disasters such as Hurricane Katrina can attest, it’s important to prepare for a disaster before it happens.  Certainly, your first concerns in an emergency should be your safety and basic needs such as shelter, food and water.  While there are many resources that can assist you with those concerns, this alert will focus on protecting your privacy and personal information during and after a disaster.

It’s important to realize that different types of disasters are likely to result in different consequences.  You may be asked to shelter in place, to evacuate to a facility in your own community, or possibly to relocate to a far-off location in another state.  Or you may choose to stay with a relative or friend.  Likewise, you may be able to return to your home after a short while, or there may be an extended period of absence.  In the worst case, your home and its contents may be completely destroyed.

Census Scams -- You Can Count on It

Now that the April 1st mail-in deadline has passed, Census employees are expected to make home visits to those individuals who did not return their Census forms.  Census workers will begin visiting private homes on May 1st.  Be careful. Scam artists posing as Census workers may engage in a number of tactics to collect personal information about you to commit fraud.  Typically, scammers will seek to obtain information such as your Social Security number or financial information.  Don’t fall for the trap!  At Census time and throughout the year, guard your personal information carefully. 

If you are not certain of the legitimacy of a request for information from the Census or any other organization, ask questions.  Do not provide any personal information until you have verified the identity of the requester. Read our tips so that you don’t fall prey to a scammer.

Third Privacy Roundtable - Comments Submitted to Federal Trade Commission on Sensitive Personal Information

The Privacy Rights Clearinghouse (PRC) respectfully submits the following comments to the Federal Trade Commission for its consideration in the third Privacy Roundtable, to be held March 17, 2010. 

In addressing the FTC’s question regarding what information is considered sensitive, we draw primarily from the PRC’s records of consumer complaints. Two general observations are:

  • The type of information consumers consider to be sensitive varies widely.
  • Even directory information – names, addresses, and phone numbers – is considered to be extremely sensitive to a significant number of individuals.

 

Pages

Showing 1-10 of 62 results
Subscribe to Identity Theft & Data Breaches