Despite the fact that data breaches across the United States happen on what seems to be a daily basis, many Americans still don’t realize how much personal information is available for thieves to use.
A new phishing and social engineering scam has emerged. Scammers are targeting companies and causing internal data, including employee credentials (logins and passwords) to be compromised and ultimately exposed.
To help understand the Internet, think of it like an iceberg. At the top is the Surface Web. This includes the Internet you use every day to make online purchases, get the news or update Facebook. Just as the tip of an iceberg sits above the water, the surface web is visible and easily accessible.
Beneath the surface resides the Deep Web, consisting of abandoned websites, government databases and other private sites, both legitimate and illicit, that are not meant for public use. These sites are almost always password-protected and on encrypted networks. Similar to an iceberg, this underwater portion is not visible above the waterline, but it is in fact estimated to be 6-25 times larger.
The IRS recently announced cyber criminals were able to steal information from over 100,000 Americans’ tax returns. The thieves created phony returns and stole refunds by completing a multiple-factor authentication process including private data and non-identity information (e.g. social websites). As information-based crimes are on the rise, it is important to understand where criminals are retrieving this information. Below are five probable ways criminals obtained sensitive information:
Another medical insurance company, Premera Blue Cross has become the victim of a data breach beginning on May 5, 2014. Although the company did not learn about the breach until January 29, 2015, it is believed that close to 11 million Premera Blue Cross members, employees, and partners could be impacted. The information that could be exposed includes date of birth, Social Security number, mailing and email addresses, phone numbers, medical records, and potentially bank account and claims data. It is believed that this breach may have connections to the January Anthem breach that potentially impacted 80 million subscribers. Premera Blue Cross has announced they will only be contacting victims via mail only to protect against phishing scams.
Maybe you lucked out and were not impacted lately by a data breach but you are worried about future data leaks. While data breaches are often not preventable by the victim, there are a few steps that you should take to prevent your information from being exposed for easy access:
We have become all too familiar with data breaches as a new one seemingly hits the front page every day. Just because it is common, does not mean you should be comfortable with data breaches.
Within the first six months of 2012 there have already been 213 data breaches from various sources, ranging from medical centers, universities and online websites. Ninety six (45.1%) of these breaches involved the exposure of Social Security Numbers and forty one (19.2%) involved the exposure of a credit or debit card.
There was a data breach early last month that exposed 1.5 million credit card numbers. A breach compromising credit card numbers only was reported by Global Payments, a credit card processor, who said that the matter has been “absolutely contained.” This is one of the larger data breaches in the past several years.