Companies are increasingly becoming aware that their employees can become significant threats to their organization. While most threats come out of innocent actions by employees, some acts are deliberate attempts to compromise a company’s security.
In an effort to identify threats and their sources, employers are engaging firms which can provide monitoring services on employee activity that could potentially cause harm and disruption to the company.
This type of monitoring involves looking at employees’ email patterns and work habits, especially given that many crimes are initiated by cyber thieves who have access to employee email or credentials.
The software-based technology involved identified activities (e.g., logs in, program usage, company databases access and external websites browses) that seem out of the normal pattern of work.
While this may seem a little Orwellian, companies are faced with needing to delicately balance data protection with maintaining employee confidence and protecting their assets.
Companies that offer this technology stress that the programs have safeguards built in to protect employee privacy. This is a new era of constant breaches and cybersecurity concerns and companies are turning to innovation to help them find solutions.
Bloomberg Business recently posted an article about the issue: http://www.bloomberg.com/news/articles/2015-03-12/companies-are-tracking-employees-to-nab-traitors
Another medical insurance company, Premera Blue Cross has become the victim of a data breach beginning on May 5, 2014. Although the company did not learn about the breach until January 29, 2015, it is believed that close to 11 million Premera Blue Cross members, employees, and partners could be impacted. The information that could be exposed includes date of birth, Social Security number, mailing and email addresses, phone numbers, medical records, and potentially bank account and claims data. It is believed that this breach may have connections to the January Anthem breach that potentially impacted 80 million subscribers. Premera Blue Cross has announced they will only be contacting victims via mail only to protect against phishing scams.
What You Can Do:
If you are an InfoArmor identity protection subscriber, rest assured that we are protecting your information. We are continuously monitoring subscriber information for unusual behavior and misuse. If their information was misused during this or any other hacking attempt, we will alert them as soon as we detect suspicious activity.
- Review this PDF on proactive steps to protect against a data breach.
- Enroll in InfoArmor’s identity protection if you have not already. Reach out to your HR department or benefit broker if you are unsure of the link to do so. You can also call our customer service at (800) 789-2720 if you need additional help.
- Stay updated about the scope of the breach; if your company or employee information was exposed, Premera Blue Cross will be required to send out a breach notification letter with information on their free credit monitoring program. Please understand that credit monitoring only protects your credit and highlights fraud after the damage has been done and it is on your credit report. InfoArmor’s identity protection can proactively detect fraud sometimes as it is happening. Our coverage goes beyond credit monitoring alone to provide broader coverage than credit monitoring.
It is important to protect your identity, especially in uncertain times when data breaches are occurring often.
The Federal Trade Commission has revealed that once again consumers’ number one complaint in 2014 was identity theft. Certainly with all of the breaches and cyberattacks that have been in the news over the last year – from Home Depot and Chase to Sony and now Anthem – this may not come as a surprise.
What is more interesting are the statistics behind the announcement. This is the 15th consecutive year in which identity theft has led the list of consumer complaints, and of the nearly 2.6 million recorded complaints; over 332,000, representing 13 percent of responses, were identity fraud- related.
Consumers are rightly concerned about privacy and ID issues in light of the breaches, as those whose information is exposed are three times more likely to experience ID theft.
According to Javelin Strategy & Research, which produces an in-depth report on identity theft issues, $16 Billion was stolen from 12.7 million identity fraud victims in 2014. What’s more, an identity was stolen every two seconds in the last year.
The types of cybercrime that occur are as varied as credit and financial fraud to medical identity theft. When costs and remediation time to restore your credit and identity are factored into the equation, the issue warrants even more attention.
Consumers can do something to protect themselves, and this starts with aligning with an identity protection firm, ideally one which utilizes credit, deep internet, social media, and financial and medical monitoring.
There’s no doubt that 2015 will see more breaches and more cases of ID theft, and the likelihood isthat the number one consumer complaint will again be identity related. Don’t let one of these complaints be yours; take the time now to safeguard your identity.
USA Today shared more about the recent FTC report: http://www.usatoday.com/story/money/2015/02/27/ftc-top-complaints-2014/24115309/
It is no secret that Apple and Google are fierce competitors battling in the phone space with their operating systems. While Apple and Android may be competing for market share, a recent announcement indicates that these two companies share a common issue, one that potentially impacts your identity.
Known as “FREAK attack” millions of individuals could be in jeopardy, as the web browsers on their phones have an imbedded weak encryption protocol that could make them vulnerable to hackers.
If you have been using mobile to search for the best restaurant, what time the movie starts or the score of the game, you may be at risk for future identity theft.
According to the report: “About a third of all encrypted websites were vulnerable as of Tuesday, including sites operated by American Express, Groupon, Kohl’s, Marriott and some government agencies.”
Google and Apple are already at work to rectify the situation and upgrade the security encryption to prevent any hacker attempts, which to this point has not yet been an issue.
What can you do to protect information that may be on your phone, and may be compromised by cyber thieves?
Social security numbers, financial information, address and passwords are all critical data. The best solution is to engage with a privacy partner firm in monitoring activity that could impact you. Credit, deep internet, social media, and financial and medical monitoring are all vital elements to layered protection that can safeguard your identity.
As technologies continue to evolve, the threat to individual privacy and identity assumes an ever greater importance. With a trusted privacy protection ally at your side, you will have the knowledge and peace of mind that you are taking a proactive stance towards identity theft.
CBS News recently posted an article about the issue: http://www.cbsnews.com/news/android-apple-browsers-threatened-by-freak-attack/
Breaking news yesterday, Anthem Inc. released a statement that hackers were able to break into their database and retrieve personal and confidential information of millions. They are unsure how cyber attackers broke into their system but believe that it was a onetime event that occurred last week.
We do not know the exact number of victims or the full extent of the information retrieved from hackers. However, based off of what is being reported by USA Today and released in a statement by Anthem Inc., we believe that potentially 80 million people’s (current and former customers, as well as employees) data has been breached including the following information: names, email addresses, Social Security Numbers, addresses, birthdays, and possibly medical identification numbers.
Please review these steps if you have ever been, or currently are, a customer or employee of Anthem Inc.:
Step 1: Review your InfoArmor account to ensure your personal information is up to date. Also be sure to take advantage of additional features such as activating CreditArmor and inputting information (including medical ID cards) into WalletArmor.
By updating your account information we can monitor the underground market and continue to watch for fraudulent activity using your information, ensuring that we alert you of any suspicious activity or help you begin the process of recovering from identity theft.
Step 2: Change your password of the email account that was used within Anthem’s records and any profile passwords that are associated with this account (e.g. online banks, social media, etc.).
Your passwords should be at least eight characters long and a mix of upper and lowercase letters, numbers, and symbols. Your passwords should not be shared across more than one account.
Step 3: Place fraud alerts with credit bureaus
Fraud alerts are good for 90 days, free of charge and renewable an infinite amount of times. An individual can place an alert with one of the bureaus and that bureau will notify the other two. To place a fraud alert please visit one of these links:
Step 4: Let your bank and credit card companies know immediately
Bringing your bank and credit card companies to attention of this breach can lock down your account against attacks. Banks and credit card companies will actually excuse you from any financial liability caused by data breaches. When dealing with identity thieves, a few minutes can be the difference between losing a dollar or losing everything in your checking account.
Additionally, if you have reason to believe your information has been used to commit fraud, complete the following steps:
Create an identity theft affidavit with the FTC
While you already have a police report in hand, you’ll also want to contact the Federal Trade Commission to build an identity theft affidavit. This affidavit will help you assemble the facts about your case—when the identity theft happened, which accounts were affected, etc.—and get them dated, signed, and notarized. This provides a credible document that you can show to credit card companies, banks, and any other companies you need to in order the fix the damage caused by a data breach.
File a Police Report
For your protection against excessive financial liability, you need to file a report with your local police department as soon as possible. This makes your status as an identity theft victim official. It also creates an official document for you to show the credit bureaus to lock down any activity around your identity.
If you have any questions, please feel free to contact one of our Privacy Advocates at (800) 789-2720. We are available to help you Monday through Friday from 7:00 a.m. to 5:00 p.m. Pacific.
You may have tightened up your personal account information, but what about your webcam, wireless printers, and DVR passwords? A Russian website was recently launched that shows live streaming of 73,000 unsecure webcams categorized by country. The United States had 11,043 webcams visible to the public, showing their intimate, personal, and private life without consent or awareness. There is nothing that can be done legally to stop the Russian group from streaming these videos, so it is up to individuals to take measure into their own hands.
These personal videos were obtainable through unsecure default passwords and usernames of products purchased by the individuals. Any product that is hooked up to wireless connection, needs a password reset to a complex password that hackers cannot break. This is especially important since there are websites that also list out companies and products default usernames and passwords for the public, so all the thieves need is an IP address to access an individual’s personal information. Make sure you take precautions and security control into your own hands by tightening up your homes webcams, printers, and DVR to protect against fraud, extortion, and personal information that could be used in robbery.
As the new year begins, make sure you stay on top of the newest trends and tactics that identity thieves steal individuals’ funds and personal information. This year’s newest strategy is related to victim’s reward points they receive as they fly and stay in hotels. Reward points are just as valuable as money, thus when an identity thief obtains a victims reward login information they can personally use the points for themselves or sell the information on the dark internet, an e-commerce site for hackers and fraudsters. Thieves can also access missing profile information by looking at social media profiles (birthdate, address, email address, etc.) if an individual has not taken precautions to limit the publicity of the information.
To prevent a thief from stealing your hard earned points and other personal information that could be found on your rewards points profile follow these tips:
- Never leave your boarding pass behind, tear it up after your flight, it contains your name, loyalty number, and member status
- Monitor your rewards account just like a bank account (once a week)
- Don’t duplicate passwords for accounts
- Report any suspicious activity or usage that you see on your rewards account