By Richard McGrath, CIC, LIA
We still don’t know the extent of the damage done by Chinese hackers, who were able to steal information about more than four million employees from the computers of the U.S. Office of Personnel and Management. The latest revelation is that the theft may have also included the Social Security numbers of 18 million Americans.
That’s still small compared with the 2013 hack into Target’s computers, which yielded the debit and credit card data of 40 million customers. In addition, though, the hackers stole addresses, emails and other data of up to 70 million Target shoppers.
These are two of the largest cyber breaches ever, but smaller cybersecurity cases happen every day, harming millions of Americans a year.
In its 2015 Identity Fraud Study, Javelin Strategy & Research reports that $16 billion was stolen from 12.7 million U.S. consumers in 2014. That’s a small decrease from 2013, when $18 billion was stolen from 13.1 million victims. The decrease reflects the increasing attention cybercrimes are receiving from law enforcement agencies, American businesses and others.
Regardless of the drop, as the Chinese hacking case demonstrates, identity theft and other cybercrimes are still a growing problem. They are especially onerous, because cybercrimes can be committed from halfway around the world.
The scope of the problem is further defined by the Consumer Sentinel database, maintained by the Federal Trade Commission, which contains 30 categories of fraud-related consumer complaints. Identity theft ranked first in 2014 for the 15th year in a row, accounting for 332,646 complaints.
Protecting Your Identity
It is difficult and sometimes nearly impossible to identify and prosecute hackers, as they are often located in foreign countries. The best approach is to take steps to prevent identity theft and other cybercrimes from happening, and to make certain that you’re properly insured in case they do.
When you report unusual purchases to your credit card company, they will typically be excluded from your bill and a new card will be issued. Additional protection is needed, though. Your homeowner’s insurance may already include identity theft coverage, but if it doesn’t, the National Association of Insurance Commissioners estimates that it can be added for only about $25 to $60 a year.
Coverage may include credit alerts, account and credit monitoring, and reimbursement for costs associated with repairing your credit history if you are a victim of identity theft. Benefits are typically limited to $15,000 and some policies have deductibles of $100 to $500, so ask your insurance agent for a recommendation to ensure that you are getting the best deal.
Preventing Identity Theft
Insurance coverage will offer protection only after the identity theft takes place. What can you do to prevent it from happening in the first place? Javelin suggests the following:
Secure your mobile devices. It’s increasingly becoming a mobile world. If your smartphone or tablet is stolen, cybercriminals will know how to use it to gain access to your personal information. Updating your software as updates become available can help protect your personal information. Take advantage of any other security capabilities that may be available, such as encrypting contents and adding the ability to delete the contents remotely if the device is stolen.
Try to avoid using wi-fi in a hotel, airport, coffee shop or other public place, as other users on the same network can easily hack into your computer.
Use strong passwords. Passwords are your first line of defense against cybercrime. Password managers are available that can help you regularly update your passwords and ensure that you have strong passwords that are difficult to identify.
Use EMV and mobile payments. The magnetic strips on your credit and debit cards can make your personal information easily available to criminals. EMV chip cards and mobile payments are more secure and make it more difficult for your data to be misused.
Monitor suspicious activity. Financial service companies, including credit card issuers and brokerages, provide customers with the option of receiving notifications of suspicious activity by e-mail or text. Customers can modify responses to prevent being notified of activities that may appear suspicious, but are not.
Protect yourself appropriately. After a data breach, the company whose data was breached should offer you an identity protection or credit monitoring product designed to protect you against the types of crimes you could be exposed to as a result of the breach. Be certain that the protection you are being offered is adequate and appropriate.
Seek help quickly. Cyber thieves act quickly, as they know that once you discover that your personal information has been compromised you will take action. The more quickly you respond, the more likely you will be to limit any damage. Quick action also increases the likelihood that the criminals will be caught.
Cyber thieves go after the easiest targets. The harder you make it for them to gain access to your personal information, the better your chances of protecting yourself.
Richard A. McGrath, CIC, LIA is President and CEO of McGrath Insurance Group, Inc. of Sturbridge, Mass. He can be reached at firstname.lastname@example.org.
This article is written for informational purposes only and should not be construed as providing legal advice.