The risk of identity theft is a concept most of us will be familiar with given the rise in cybercrime and data breaches. However, a new report from the Identity Theft Resource Center and DIG. Works has shown that most employees do little to protect themselves when they learn that an employer’s data breach has exposed their personal information.
Also, making your personal information vulnerable to cybercriminals is not a direct attack on employers. For example, a recent ransomware attack on Kronos, one of the largest human resources companies, could affect the number of employees who are paid and track paid leave. Personal information such as bank account numbers may also be exposed. Moreover, most people have no control over how their employers use their information, so using an active identity theft protection and credit monitoring service is just one of the tools needed to protect against identity theft.
Even more worrisome is that once you have the information, you may not even know what to do. A surprising number of respondents (16%) in the new report took no action after being notified of a data breach. Less than half (48%) only changed passwords on compromised accounts. Only 22% changed all passwords. This is a surprising statistic, given that most of the 1,050 adult US consumers surveyed were victims of data breaches, and more than half of social media users had their accounts compromised.
Here are some insights into why data breach victims are failing to respond.
According to the survey, 26% believe there is nothing they can do about it because the data is already available. 29% believe that the organization responsible for data protection will solve the problem. 17% didn’t know what to do. And 14% thought the notice was a scam.
Data breaches expose employee and consumer information
The data breach has affected companies as diverse as Facebook and Yahoo, to Costco, UnitedHealth, T-Mobile, and more. Among the information exposed are the customer’s credit card information, password, e-mail address, phone number, resident registration number, etc.
Stolen information can be used by thieves or sold on the dark web, resulting in victim identity theft and financial loss.
You victims of data breaches, it is better to act quickly. Here’s why: If action is not taken, it may leave you vulnerable to further attacks and continue the risk of identity crimes.
What to do if you believe you are a data breach victim
Here are three steps you should take if you believe you may be a victim of a data breach.
1. Log in to the compromised account and change your password.
Change your password as soon as possible. Also, change your username if possible. If you can’t log in, contact the company directly and ask what happens or shut it down completely.
Weak passwords are the easiest way for hackers to gain access to your account. If you’ve ever been tempted to use “password1” or “qwerty” as your password, handing out data on the street is a good idea. According to the survey, only 15% of respondents claimed to use a unique password for each account. While the remaining 85% admitted that they reuse passwords across multiple accounts, some argued that using variations of the same password in different accounts was still a risky practice.
2. Consider issuing a credit freeze and fraud alert for all three credit bureaus.
Credit freeze and fraud alerts are great ways to help protect your privacy and credit from being used by identity thieves to open new accounts. Credit freezes offer the best protection because unlike fraud alerts, they never expire. Fraud alerts usually expire after one year.
A fraud alert tells potential lenders to contact you, usually by phone, and verify your identity before extending a new credit. If someone tries to issue a new credit card or borrow money in your name, they will contact you and you can take action to suspend the new account.
Credit freeze prevents lenders from accessing your credit report without authorization. Credit freezes usually stop access to your credit reports, so most lenders won’t be able to see your information until they lift the freeze.
When you set up a credit freeze, also known as a security freeze, you are assigned or asked to generate a PIN code or password that can be used to unfreeze your credit files. If you or someone else applies for a new line of credit in your name, the lender will not be able to see your credit report and your application will be stopped. Freeze is free for anyone to use, whether or not they are victims of identity theft.
If you want to freeze all your credit reports from the 3 major agencies, you need to contact each of the 3 major agencies. credit bureau separately. You will be asked to provide personal information, including your social security number, photo ID, and proof of residency. You will also be asked to answer questions confirming your identity.
The freeze remains in place until you ask your credit bureau to lift it temporarily or remove it entirely. If you make a request online or by phone, the credit bureau must unfreeze it within an hour. If you request by mail, the Bureau must lift the freeze within 3 business days of receiving the request.
3. Use identity theft protection and credit monitoring.
If you are concerned about data privacy, having a team of experienced cybersecurity experts on hand is the best way to stay safe. Proactive identity theft prevention and credit monitoring are essential to protecting your identity.
Identity theft protection can include alerting you to suspicious activity, monitoring your credit report and, if you become a victim, identity theft insurance.