Home > Identity Theft > 12 Places Your Data May Not Be Safe (And What You Can Do)

Comments 0 Comments

Data compromises and the identity-related crimes that flow from them are now the third certainty in life, right behind death and taxes. That said, there is plenty you can do to stay as crime-proof as possible.

According to Risk Based Security, more than 4.2 billion records were compromised worldwide in 2016 alone. In truth, the total number of compromised records is unknowable. Here’s what you do need to know: it is a near certainty that most, if not all, of your personal identity portfolio is already “out there.”

How to Keep Your Personal Information Safe

Identity theft is a catch-as-catch-can endeavor. Where there is a will, there is almost always a way. In fact, many, if not most, of us have already been compromised either by a breach or as a result of obsessive (and excessive) overexposure on social media. Enough of our personally identifiable information (PII) is readily available on the web to make us easy targets for phishing attacks and identity-related crimes.

Thankfully, identity theft is often a crime of opportunity. All that vulnerable information still needs to be accessed, which may require more effort than your average identity thief is willing to expend. This is why it’s important to keep your data safe from those opportunistic hands.

Here’s what you need to bear in mind at every turn: It’s likely that you’re going to “get got” with PII that hasn’t been compromised . . . yet.

Though it may seem like a lost cause, you can make yourself a harder target to hit. First, you should follow the three Ms:

Minimize your exposure. Don’t authenticate yourself to anyone unless you are in control of the interaction, don’t overshare on social media, be a good steward of your passwords, safeguard any documents that can be used to hijack your identity, and consider freezing your credit.
Monitor your accounts. Check your credit report regularly, keep track of your credit score, and review major accounts daily if possible. If you prefer a more laidback approach, sign up for free transaction alerts from financial services institutions and credit card companies or purchase a sophisticated credit and identity monitoring program.
Manage the damage. Make sure you quickly get on top of any incursion into your identity and enroll in a program where professionals help you navigate and resolve identity compromises—oftentimes available for free, or at minimal cost, through insurance companies, financial services institutions, and HR departments.

Where to Check Your PII

To minimize your exposure to identity thieves, you’ll want to evaluate places that may not be making the security of your PII a priority. Here are twelve places that may not be keeping your personal data safe.

1. Small businesses: Mom-and-pop shop owners have a lot on their plates, and managing your personal data isn’t necessarily on the front burner. Whether it’s the company that fills your oil tanks, a lawn service, or a local store where you have a tab, ask how they store your information. If they give you a vague answer, ask them to erase whatever they have—and watch them do it, if possible.
2. Children’s sports leagues: Children’s sports leagues need basic information to enroll your child, including medical contacts, names, addresses, emergency contact information, and other data points that can be used in identity-related crime. If you get a vague answer about data storage, ask them to erase whatever they have.
3. Doctors and dentists: You ever see those color-coded files sticking out of open metal cabinets at a medical provider’s office? They contain all the information needed to steal your healthcare services, compromise your financial accounts, or file fake tax returns and divert your refunds. If you see something, say something. Either way, ask your medical professionals how they store your records and request that they be stored securely.
4. Veterinarians: You might not think that your vet’s office could be a point of vulnerability. Worse yet, the possibility of data compromise may not have occurred to your vet, either. Ask how they store your data. Chances are good they will improve their methods once they understand the immediate consequence of lost business for failing to do so. If they don’t respond, ask for your file and vamoose.
5. Gyms and fitness clubs: Increasingly, fitness clubs are on the ball when it comes to data security, but you’ll still want to ask how they store your information. If they don’t have a satisfactory answer, you may want to consider looking for a different gym.
6. Educational institutions: Many people contribute to the care and education of our children. Unfortunately, not all of them are educated in the ways of cyber hygiene, which is why it matters how your child’s information is stored by these institutions. Always ask about it and request that your child’s information be stored securely. Once it no longer makes sense for a particular institution to have personal information about your children, ask that they delete their records.
7. Accountants: While bigger accounting firms are liability-minded, smaller firms and one-person operations may not be as up to date on cybersecurity best practices. In addition to having hard copies of your files, which contain extremely sensitive personal data, your accountant has to send electronic files to the IRS and other state agencies that collect your taxes. Make sure they are using secure networks and store your files securely. If they don’t, it’s in your best interest to look for a more secure accountant.
8. Lawyers: If you’re worried about the amount of sensitive data residing with your accountant, take a moment to reflect upon the sort of personal information that resides with your attorney. It’s okay to have a direct conversation about their data security practices. If there is any pushback, take your business (and your data) elsewhere.
9. Real estate agents: While they may not have a lot of your PII, real estate agents have enough for a thief to get a foothold into your mineable credit. If your agent gives you a vague answer about how they handle sensitive information, don’t give them any—or limit what you share to the bare minimum required.
10. Car dealerships: Car dealerships are focused organizations. While their employees know a great deal about closing deals, they may not know how to close the gates to ID thieves—and because they offer credit, they are in possession of the skeleton key to all your finances: your Social Security number. Make sure it’s safe. You’ll want to check with any other retailers that offer credit as well, since they will also have access to your SSN.
11. Travel agencies: In order for travel agents to do their job, they likely need your name, address, date of birth, contact info, emergency contact information, license or passport number, and credit or debit card number. You need to know how long they will keep it and how they will store it. If you are not satisfied with their explanation, cruise on over to someone else.
12. Home: Your domicile is an El Dorado of personal information, and you need to be able to protect those riches. Store all of your most-sensitive documents in a secure, fireproof location. Better yet, scan and store them in an encrypted, password-protected thumb drive.

Never forget, the ultimate guardian of the consumer is the consumer. No one cares more about the protection of your personally identifiable information and your financial security than you do.

Image: shapecharge

Comments on articles and responses to those comments are not provided or commissioned by a bank advertiser. Responses have not been reviewed, approved or otherwise endorsed by a bank advertiser. It is not a bank advertiser's responsibility to ensure all posts and/or questions are answered.

Please note that our comments are moderated, so it may take a little time before you see them on the page. Thanks for your patience.

Credit.com receives compensation for the financial products and services advertised on this site if our users apply for and sign up for any of them.

Hello, Reader!

Thanks for checking out Credit.com. We hope you find the site and the journalism we produce useful. We wanted to take some time to tell you a bit about ourselves.

Our People

The Credit.com editorial team is staffed by a team of editors and reporters, each with many years of financial reporting experience. We’ve worked for places like the New York Times, American Banker, Frontline, TheStreet.com, Business Insider, ABC News, NBC News, CNBC and many others. We also employ a few freelancers and more than 50 contributors (these are typically subject matter experts from the worlds of finance, academia, politics, business and elsewhere).

Our Reporting

We take great pains to ensure that the articles, video and graphics you see on Credit.com are thoroughly reported and fact-checked. Each story is read by two separate editors, and we adhere to the highest editorial standards. We’re not perfect, however, and if you see something that you think is wrong, please email us at editorial team [at] credit [dot] com,

The Credit.com editorial team is committed to providing our readers and viewers with sound, well-reported and understandable information designed to inform and empower. We won’t tell you what to do. We will, however, do our best to explain the consequences of various actions, thereby arming you with the information you need to make decisions that are in your best interests. We also write about things relating to money and finance we think are interesting and want to share.

In addition to appearing on Credit.com, our articles are syndicated to dozens of other news sites. We have more than 100 partners, including MSN, ABC News, CBS News, Yahoo, Marketwatch, Scripps, Money Magazine and many others. This network operates similarly to the Associated Press or Reuters, except we focus almost exclusively on issues relating to personal finance. These are not advertorial or paid placements, rather we provide these articles to our partners in most cases for free. These relationships create more awareness of Credit.com in general and they result in more traffic to us as well.

Our Business Model

Credit.com’s journalism is largely supported by an e-commerce business model. Rather than rely on revenue from display ad impressions, Credit.com maintains a financial marketplace separate from its editorial pages. When someone navigates to those pages, and applies for a credit card, for example, Credit.com will get paid what is essentially a finder’s fee if that person ends up getting the card. That doesn’t mean, however, that our editorial decisions are informed by the products available in our marketplace. The editorial team chooses what to write about and how to write about it independently of the decisions and priorities of the business side of the company. In fact, we maintain a strict and important firewall between the editorial and business departments. Our mission as journalists is to serve the reader, not the advertiser. In that sense, we are no different from any other news organization that is supported by ad revenue.

Visitors to Credit.com are also able to register for a free Credit.com account, which gives them access to a tool called The Credit Report Card. This tool provides users with two free credit scores and a breakdown of the information in their Experian credit report, updated twice monthly. Again, this tool is entirely free, and we mention that frequently in our articles, because we think that it’s a good thing for users to have access to data like this. Separate from its educational value, there is also a business angle to the Credit Report Card. Registered users can be matched with products and services for which they are most likely to qualify. In other words, if you register and you find that your credit is less than stellar, Credit.com won’t recommend a high-end platinum credit card that requires an excellent credit score You’d likely get rejected, and that’s no good for you or Credit.com. You’d be no closer to getting a product you need, there’d be a wasted inquiry on your credit report, and Credit.com wouldn’t get paid. These are essentially what are commonly referred to as "targeted ads" in the world of the Internet. Despite all of this, however, even if you never apply for any product, the Credit Report Card will remain free, and none of this will impact how the editorial team reports on credit and credit scores.

Your Stories

Lastly, much of what we do is informed by our own experiences as well as the experiences of our readers. We want to tell your stories if you’re interested in sharing them. Please email us at story ideas [at] credit [dot] com with ideas or visit us on Facebook or Twitter.

Thanks for stopping by.

- The Credit.com Editorial Team