BreachExchange mailing list archives
25% of Data Breaches Turn Into ID Theft
From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Sun, 3 Nov 2013 23:05:10 -0700
http://www.thestreet.com/story/12088972/1/25-of-data-breaches-turn-into-id-theft.html So you got an email, text or phone call from your bank or credit card provider that includes the words "data breach." If those words don't make the hair on the back of your neck stand up, they should. Once you hear the term, there is a good chance the words you hear next will be "identity theft." So says a report from Javelin Research, which estimates that a quarter of all data breaches related to credit and debit cards lead directly to I.D. theft. That means that of 16 million Americans warned that their credit or debit card had been compromised, about 4.4 million wound up losing money and fighting the ghosts that come part and parcel with ID theft. That's no mere inconvenience. Javelin says U.S consumers lost $21 billion to identity theft last year, and it cost them up to 37 hours to fix the problem. In addition: - 1.26 million Americans notified of a data breach involving their Social Security numbers were victimized by identity fraud. - 270,000 Americans notified by a data breach on their online banking accounts saw fraudulent activity on their checking and savings accounts. - 324,000 Americans contacted over a data breach involving their regular checking accounts were victimized by checking and/or savings account fraud. "By breaching the data stores of businesses in the financial, health care and retail industries, criminals can obtain the fuel they need to execute various fraud schemes, and these crimes have crippling consequences," says Al Pascual, a senior analyst at Javelin. If you're warned of a data breach involving your payment card, Social Security number or bank account, take immediate action. Contact any one of the three major consumer credit bureaus,TransUnion, Experian or Equifax (EFX_), and request a fraud alert on your account (you only have to contact one; that firm will relay the fraud alert to the others). A fraud alert lets potential creditors know not to approve any further credit in your name while the alert remains active. Also, generate new passwords for your key financial accounts (if you have one password for all of your accounts, as many Americans do, it's that much easier for I.D. thieves to compromise your assets). Also, watch your bank account and credit card for any suspicious activity -- your bank or credit card firm will be doing the same thing, ideally, but don't take it for granted.
_______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss For inquiries regarding use or licensing of data, e-mail sales () riskbasedsecurity com Supporters: # OWASP http://www.appsecusa.org # Builders, Breakers and Defenders # Time Square, NYC 20-21 Nov o()xxxx[{::::::::::::::::::::::::::::::::::::::::> Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security offers security intelligence, risk management services and customized security solutions. The YourCISO portal gives decision makers access to tools for evaluating their security posture and prioritizing risk mitigation strategies. Cyber Risk Analytics offers actionable threat information and breach analysis.
Current thread:
- 25% of Data Breaches Turn Into ID Theft Audrey McNeil (Nov 04)