The information provided on this website does not, and is not intended to, act as legal, financial or credit advice; instead, it is for general informational purposes only. Information on this website may not be current. This website may contain links to other third-party websites. Such links are only for the convenience of the reader, user or browser; we do not recommend or endorse the contents of any third-party sites. Readers of this website should contact their attorney, accountant or credit counselor to obtain advice with respect to their particular situation. No reader, user, or browser of this site should act or not act on the basis of information on this site. Always seek personal legal, financial or credit advice for your relevant jurisdiction. Only your individual attorney or advisor can provide assurances that the information contained herein – and your interpretation of it – is applicable or appropriate to your particular situation. Use of, and access to, this website or any of the links or resources contained within the site do not create an attorney-client or fiduciary relationship between the reader, user, or browser and website owner, authors, contributors, contributing firms, or their respective employers.
Credit.com receives compensation for the financial products and services advertised on this site if our users apply for and sign up for any of them. Compensation is not a factor in the substantive evaluation of any product.
Increasingly, in the aftermath of a big news data security item — whether it takes the form of a high-profile mega breach (think: Office of Personnel Management, Anthem, Sony Pictures, Home Depot, Target) or a low-tech data grab — an odd phenomenon happens. First, there is what you might call the “water cooler” phase — news of the breach comes up in casual conversation. As the news coverage quickly moves on to whatever else is happening in the world, those conversations move on as well. The next thing that happens, unfortunately, is a widespread case of collective amnesia.
At least part of the reason this amnesia sets in is that we don’t talk enough about what these breaches and compromises mean on the consumer level. If you have ever found yourself in the sights of an identity thief, you know all too well how horrible life can be after you press send on an e-filed tax return and you’re blocked because you already filed, open that letter from a collection agency for a debt you’ve never heard of, are refused coverage by an insurer, or are denied a loan for a new home, car or investment because your credit has been compromised. But for many consumers, the attack takes the form of a credit card account takeover, which is more a nuisance than anything else. And this low-fallout scenario may be why a significant number of people move on to the next news item after a breach. We’re used to thinking the bank will make everything all right.
But it’s not always so simple.
Meanwhile, the increasing number of high-profile compromises reveals a generalized apathy in the face of data insecurity—or worse still, resignation. The fact that more than a billion records containing personally identifiable information are already out there and for sale on the information black markets is no longer headline news. The notion that identity theft is now the third certainty in life, right behind death and taxes, is increasingly a truism among informed consumers. So, in the face of that, what does one do? As I outline in my forthcoming book, Swiped: How to Protect Yourself in a World Full of Scammers, Phishers, and Identity Thieves, I urge readers to start thinking in terms of the three M’s: Minimizing risk, Monitoring your identity and Managing the damage.
The threat to email and the practice of stashing work documents on non-secure email accounts definitely falls under the heading of the first M: Minimizing risk.
Here are a few points to bear in mind:
As we bounce from one breaking news story to the next, there is very little talk in the way of what consumers can do to better protect themselves from what we should call “the new data insecurity.” If the head of the CIA can be hacked, it doesn’t only mean that you can be hacked, too. That should go without saying. What it means is far more alarming: We aren’t learning anything.
This story is an Op/Ed contribution to Credit.com and does not necessarily represent the views of the company or its partners.
Image: Blend Images
October 19, 2023
Identity Theft and Scams
May 17, 2022
Identity Theft and Scams
May 20, 2021
Identity Theft and Scams