[BreachExchange] What Is Data Theft?

[Audrey McNeil]

http://safety.lovetoknow.com/personal-safety-protection/what-is-data-theft

There were over 450 data breaches in the United States that led to nearly
12.7 million records to be exposed in 2016. Data theft is a growing problem
in the United States and around the globe. While it's impossible to
innoculate yourself completely from data theft, you can take steps today to
protect yourself and your family from these potentially harmful attacks.

What Is It?

Data theft is the act of stealing digital information stored on computers,
servers, or electronic devices of an unknown victim with the intent to
compromise privacy or obtain confidential information. Information can
include anything from financial information, like credit card numbers or
bank accounts, to personal information, like social security numbers,
drivers license numbers, and health records. Once only the problem of large
businesses and organizations, data theft is a growing problem for everyday
computer users.

Company Data Breaches

A majority of data theft occurs through company data breaches. Ponemon
Institute report found that 43 percent of all companies within the United
States had at least one data breach in 2013. Some data breaches are due to
hackers, but about 80 percent of all data breaches occur because of
employee negligence.

Businesses and organizations are often the target of data theft, but it is
the customers and clients that are the victim. For example, in 2014 over 56
million people across the United States had their credit card information
stolen at Home Depot. A similar issue happened the year before at Target.
This information was then sold on the "Darknet" where cyber-criminals used
the information to buy goods online unbeknownst to most victims.

How Does Data Theft Happen?

Data theft occurs through a variety of means. Most often, it happens
because someone hacked into a computer system to steal sensitive
information, such as your credit card or personal information, or an
employee at a company mishandled the information. With an increasingly
digital world, hundreds of different businesses and organizations hold your
personal information, such as your social security number, mailing address,
birthdate, and bank account information.

Even with new technological advances, cyber-criminals are able to adapt and
find ways to hack into systems to steal data, especially retail companies
that house payment information. Most companies have data breach plans in
place, but many employees don't know they exist or are unsure the plans
will work. It is extremely important that all companies that handle
sensitive data educate and train employees on how to handle sensitive
information.

What To Do If Your Are A Victim

Unfortunately, data breaches can go unnoticed for a long time. Even if the
breaches are identified quickly, cyber-criminals have probably already sold
your sensitive information to other criminals. Most states require
companies who have been breached to notify potential victims of the data
breach. Depending on the type and severity of the data breach, companies
may offer free credit monitoring or other tools to help protect your
information further.

If you believe that your credit or debit card information has been stolen
through a data breach, contact your credit card company or bank immediately
to cancel the card. Additionally, activate an "initiate fraud alert" for 90
days to notify lenders they need to take extra verification steps before
extending credit. You may also need to file an identify theft report with
the Federal Trade Commission (FTC) and your local police. FTC reports can
be completed online.

How to Protect Yourself

Data theft is a real problem and it can happen to anybody. While there is
no way to completely prevent data theft from happening, there are multiple
steps you can take today to limit your risk.

Pay using cash instead of credit or debit cards.
Use a credit or debit card with pin-and-chip technology.
Protect your computer from viruses and malware by installing, using, and
updating antivirus and anti-spyware software on all your computers and
electronic devices.
Keep all operating systems and software programs up to date by regularly
installing updates to security, web browsers, operating systems, and
software programs as soon as they become available.
Don't open questionable emails or email attachments as they could be
phishing emails.
Regularly check your credit card statements and credit report for
unauthorized charges and new credit lines.
Use a strong, unique password for all websites that require logins.
Regularly change these, especially if an account password has been
compromised in a data breach.
Use only secure Wi-Fi connections.
Properly dispose of documents containing sensitive information through
shredding paper and removing all data from electronic devices.
Secure your network and internet connection through a firewall and secure
password.
If you run a business that holds sensitive information, ensure your
employees are properly trained in handling the data and employees
understand the company's policies in regarding to sharing sensitive
information.

Data Theft Isn't Going Away

Unfortunately data theft isn't going away any time soon. In fact, every
year the number of data breaches increases. It is important to take steps
to protect yourself from data theft. Start by using the internet safely and
know what to do if you are a victim of a major data breach. By being
proactive today, you can reduce your risk of being a victim of data theft.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20170206/7053daf0/attachment.html>