Little Caesars is currently airing a commercial (here) that shows a family so frustrated with trying to order a pizza online, that they “go off the grid”. The wife then suggests that they pick up a Hot-N-Ready pizza from Little Caesars… and they go back on the grid! Wouldn’t it be great if life’s problems could be fixed with a pizza.
Going off the grid seems a bit tempting, in light of all these data breaches that have occurred at such places like Target, Staples and even PlayStation networks. Customer information including name, address, social security numbers, credit card information and even tax and income information are seized by hackers.
The title of the blog “The Cyber Theft Fight” sounds more like a movie than a blog title. Unfortunately, it has been brought right to my own doorstep.
A couple of years ago, I received notice from the state of South Carolina that all tax records had been breached. They basically told me not to worry but that they would provide for free, a credit monitoring service. I didn’t feel that confident nor was I excited about my new service.
Now, the second largest health insurer advises that it has been breached. Soon, I expect to receive notification that they also will provide me with a free credit monitoring service. Kind of like, “we burned your television out, but don’t feel bad because we will give you free Netflix for your computer.” So more on my “burned out TV” analogy.
Anthem Insurance notified its customers last week that it had been hacked, but it quickly moved to calm the concerns of its 80 million members to assure them that their medical data had not been taken.
That doesn’t make me feel good knowing that the information taken could now be a treasure trove for thieves.
Unfortunately, going off the grid or ordering a Little Caesars pizza will not fix this. The Hacker News describes what went wrong and also tells about a lawsuit that has been filed by one customer in California. (article here)
Forbes.com also lists six things that you can do to protect yourself after a data breach. Professor Gregory S. McNeal specializes in data protection. I have copied and pasted his six recommendations below:
1. Get a password manager. After every data breach, the advice is the same — change your password, make sure it is complex, and don’t use the same password or username across various websites. That is simply too hard for you to do without a password manager. Most of us have multiple online accounts, you probably have multiple email addresses, an Amazon account, a few credit card or online banking accounts, student loan accounts, Facebook, Twitter, LinkedIn, DropBox, Evernote, etc. You simply can’t remember all of those usernames and passwords, so chances are you’re using the same username and password, or you’re changing the passwords slightly by adding an “*” or “#” or changing around the capitalization. That’s not secure, as experienced criminals will use your base password and sophisticated software to crack your other passwords. You may think you’re being creative, maximizing convenience and security, but in reality you’re merely maximizing your convenience.
How does a password manager change that equation? It provides you with strong, unique passwords for all of your accounts, and keeps them in a secure encrypted vault on your device. There are many password managers on the market
2. Stop recycling user IDs and passwords. Building off of recommendation #1, if you use the same Anthem user id or password across sites, stop doing that, and change all of your other passwords. Remember, hackers sometimes try stolen IDs and passwords on different sites to gain control of other accounts. That’s why it’s a bad idea to recycle credentials.
3. Don’t confirm or provide personal information in response to an email or text, and don’t click on links in unexpected messages. Legitimate companies won’t ask for bank or credit card information, social security numbers, passwords, or other sensitive information through unsecured channels. The Anthem breach included names, birthdays, medical IDs/social security numbers, street addresses, email addresses and employment information, including income data. Criminals may use this stolen information to send email or texts that appear to be from people or sites you trust.
4. Review your credit card and bank statements often. If you see charges you don’t recognize, contact the fraud department at your bank or credit card provider right away.
5. Check your credit reports – for free – every few months. Monitoring your credit report is a good way to find out if someone has opened credit in your name. You’re entitled to a free report every 12 months from each of the three credit bureaus: Equifax, Experian and TransUnion. To get your report, visit AnnualCreditReport.com or call 1-877-322-8228.
6. Use two factor authentication. Two factor authentication is an extra layer of protection beyond your password. First you enter your username and password as usual, then a code is sent to your phone via text, voice call, or mobile app. Only after you enter that code will you be allowed to access your account.
Something to think about! Cyber-criminals seem to be getting more sophisticated. It sure is frustrating because it seems that more and more information is being put on file, while it appears that businesses are taking less safeguards to protect our information. But don’t worry, maybe they will throw in a free Amazon Prime Membership.
And for pic o’ day, I am going back to one of my favorites. The old-fashioned criminals: