7 Minute Read
These days, it seems like hackers can get access to nearly anything—like social media accounts, voting systems, major retail stores’ mobile apps, and credit bureaus just to name a few. And now you can add mortgage documents to that list!
First American Financial recently fixed a vulnerability that potentially exposed over 885 million sensitive records of buyers and sellers’ personal information.(1) The defect in their website gave access to documents containing mortgage and tax records, bank account information, Social Security numbers, and driver's licenses as far back as 2003.
While being a part of a data breach doesn’t automatically mean your identity will be stolen, it does put you more at risk to becoming a victim of identity theft.
What is a data breach?
A data breach is a security incident where personal and confidential information is stolen by another individual. The information compromised can include things like your name, birth date, street address, health care history, customer lists, Social Security number, and bank account information. If the company or organization discovers an unauthorized individual has viewed that information, they’ve had a data breach.
How is a data breach different from identity theft?
Identity theft involves someone actually using your private information—usually for their own financial gain or to impersonate you. You might think you qualify as an identity theft victim if your personal information was exposed in a data breach. But the good news is, that’s not always the case! Breathe easy.
Never worry about ID theft again. Get covered in minutes.
Recent Data Breaches
Some data breaches seem more “minor” in nature because the information they gather feels less significant (like Facebook’s misuse of private data that impacted a potential 87 million users).(2)
Sure, gaining access to information like names, email addresses, and passwords might not seem as harmful as someone having your Social Security number. But any data breach can leave you at risk of identity theft if the hackers want to use that information against you. Even a breach of less sensitive information like the one with Under Armour’s MyFitnessPal users can still affect millions of people—150 million, to be exact.(3)
Just reading the words “data breach” probably makes you think of one of the most notorious breaches in recent history. It’s hard to forget the far-reaching Equifax blunder that exposed Social Security numbers, birth dates, home addresses, tax ID numbers, and driver’s license information of potentially 148 million people.(4)
The sad truth is, a lot of the industries we trust to keep personal information safe are prone to being hacked.
|Company||Date||Potential People Impacted|
|First American Financial Corporation(5)||May 2019||885 million|
|Marriott Hotels(6)||Nov 2018||500 million|
|SunTrust Banks(7)||Apr 2018||1.5 million|
|Panera Bread(8)||Apr 2018||37 million|
|Mar 2018||87 million|
|Under Armour||Mar 2018||150 million|
|BJC HealthCare(10)||Mar 2018||33,420|
|Jason's Deli(12)||Jan 2018||2 million|
|Uber(13)||Nov 2017||57 million|
|Equifax||Sept 2017||148 million|
To find more recent breaches, visit the Privacy Rights Clearinghouse.
How do these data breaches happen?
It seems like big-time security measures should be enough to keep hackers at bay, but no safety measure is surefire. Large-scale or minor data breaches can happen anytime a hacker or anyone who isn't authorized gains access to sensitive files or information. And they happen a lot more often than you might think.
So, who or what is to blame for making these trusted corporations prone to data breaches? Anything as minor as a weak password can cause a breach. Sometimes it's a missing security patch or a system glitch that's at fault. And a company can unknowingly trigger the leak of information themselves too! This type of incident is known as an "accidental data breach" and can be caused by things like failure to follow password guidelines or public-facing web services.
Whatever the case, these types of data breaches don't seem to be slowing down. A recent report by McAfee shows that the global cost of cybercrime is approaching $600 billion.(14)
How do I know if I’ve been affected by a data breach?
If a company has experienced a data breach, they’re required by state law to let you know about it.(15) Although it’s news no one wants to hear, you can at least become hyperalert in keeping an eye on things.
What can I do to protect myself from data breaches?
Here’s the bad news: there’s not a whole lot you can do to protect yourself from a data breach. These days, your personal information is out there somewhere on plenty of different platforms—and no company is 100% secure from a breach.
Now here’s the good news: it’s not all doom and gloom. There are plenty of common security practices you can put into place to help protect yourself before a breach happens. Shred documents with your personal information listed, never keep your Social Security card in your wallet, and be cautious about who you share your personal information with. And don’t forget to arm yourself with identity theft protection.
What can I do to protect myself from identity theft after a breach?
If a company with your information has a data breach, there are a few important steps you can take to avoid becoming a victim of identity theft. Remember, a breach doesn’t automatically mean your identity has been stolen.
Many companies try to be as helpful as they can to figure out if your data was compromised following a breach. After Facebook’s recent data breach, they let users log in to discover if their profile information was shared with Cambridge Analytica.(16) And many companies will go a step further and provide you with free credit-monitoring services for a year or more.
Change Your Passwords
It’s a good idea to go ahead and change your passwords—especially if you use the same password in multiple places. Hint: don’t use the same password across accounts! Using the same password for all your social media profiles, email addresses, and bank accounts is just asking for trouble. Instead, you should always use unique passwords and change them every 90 days.
Creating diverse passwords can be tricky. But whatever you do, don’t rely on a phrase or anything that is easy to guess. (Sorry, that means famous quotes and maiden names aren’t good fallbacks.) Get creative!
- Use a combination of uppercase and lowercase letters
- Use special characters
- Make your passwords long (12 characters minimum)
- Use random words strung together (instead of “merrychristmas” try “GrinchHome@loneElf18”
Check Your Credit Report
Okay, we aren’t worried about your credit score here (actually, we never are). Instead, look through your credit report to see if anything suspicious or odd stands out to you. You can get one free credit report per year from each of the three major credit-monitoring bureaus. This means you can check your credit report every 3–4 months.
According to a 2018 Data Breach Investigations Report from Verizon Enterprise, 68% of breaches over the past two years took several months or more to be discovered!(17) If you can stay on top of your credit report, you could have the upper hand in noticing suspicious activity.
Look for red flags like these:
- Inactive accounts that suddenly have activity on them
- A line of credit appears that you didn’t open
- Your personal information is incorrect
- A good standing account is in collections
- A credit inquiry pops up that you didn’t apply for
We know it can be annoying to sift through your bank transactions each day. But then again, if you can make time to scroll through your social media feeds, you should be able to make time to keep your money and identity safe.
Your bank should alert you if they see anything irregular going on—but don’t rely on that. It’s much more beneficial if you are the one checking your account every single day.
Get Identity Theft Protection
A solid identity theft protection program can help keep you from being a sitting duck waiting for identity theft to find you. Be proactive! Make sure you’re prepared before you become a victim of a data breach. You actually can take action to protect yourself from identity theft!
Safeguard yourself and your family from the nightmare of identity theft. Zander Insurance’s identity theft protection program can give you the security and peace of mind you need.