Yes, I said it. I know this may seem a bit out of the mainstream, but it is true. Just as recently as this week, Norton/Lifelock announced that thousands of accounts were breached potentially allowing hackers to access password managers. And this is just one of many, many data breaches that take place every year. Even if the company we did our direct business with, a contractor with that company can be hacked. All the technology in the world cannot compensate for an employee clicking a bad link. Hackers have more resources at their disposal than ever before. The days of hackers having to have mad hacking skills like Matthew Broderick in War Games is largely gone. Anyone with enough money can buy the pre-made hacking program on the Dark Web. And, unfortunately, some companies just don't care. They have the money to pay the fines and lawsuits after the fact.
On top of that, having an identity stolen is very costly, potentially in the tens or even hundreds of thousands of dollars. After a data breach, most companies will offer some credit monitoring. But the cash is often lacking. For example, the Equifax Data Breach recently settled for approximately $425 million. However, the breach affected approximately 147 million people. This works out to approximately $2.89 per person. And not everyone will get that money. There are conditions on that. You can only be compensated $25.00 for up to 20 hours spent on time spent dealing with fraud or recovering your identity. This is only $500.
To be clear, I am not suggesting that we all throw up our hands and give up. We still need to do our best to protect data. We should still aim for effective passwords, great firewalls, great and constant training, etc. We need to do what we can.
But, this is never going to be enough. We need to assume that our data will be breached and that, for the large part, we cannot rely upon the companies that lose our data to effectively help us out.
So, what can we do? Here are four tips.
First, understand that this is not a question of if, but when our data will be breached. This is a mindset. We have to take responsibility for our own data.
Second, find good insurance. Some homeowners policies have identity theft coverage, though it may not be a lot. It is worth checking out. Some anti-virus companies like McAfee, et al. also offer funds to deal with identity theft as part of their software packages. It is worth looking into this. Some companies offer up to $1 million.
Third, try to use the same card or cash when you shop. This will ensure that only one card is affected if it is hacked. Use only a single card when shopping online. If you use a debit card, set up a separate checking account for online purchases and put the money in the account as you use it.
This will mitigate any risk to your personal finances.
Finally, lock your credit accounts. This won't protect you if the major credit reporting agencies get hacked. But it will prevent (or at least slow down) anyone wanting to open a new credit account in your name.
For more information or for guidance on a personal or company data privacy plan, please call Aisen Law, PLLC.
Comments