In August 2024, a massive security breach leaked the personally identifying information (PII) of nearly 3 billion people. Because the databases leaked were from a background check provider, the information revealed included full names, current and past addresses, family information, and — worst of all — social security numbers.
The potential consequences of a data breach
Considering the power that social security numbers have, the leak could have profound consequences. "While SSN is just one of the PII data points, the number by itself is insufficient for anyone to make any conclusion. It's just a number," explains Ed Watal, founder and principal of leading digital IT agency Intellibus. "However, if combined with other data points like the person's name, address, or phone, it can potentially be used for identity theft."
Although breaches of information like this are somewhat common, meaning much of the information in the database has already been leaked by previous breaches, experts warn that this could be used as an "anchor database" for wrongdoers.
As Yashin Manraj, CEO of Pvotal Technologies — a developer of enterprise cybersecurity software — explains, "Perpetrators could use this data with more recent leaks of specific websites to secure financial data and resources from monetizable sources, such as banks, exchanges, crypto forums, and email services."
Protecting your information in the wake of a breach
Thankfully, consumers can avoid these consequences by taking certain precautions and proactive steps that will allow them to take swift action should any wrongdoers attempt to abuse their information. Firstly, one could sign up for a credit monitoring service (if one is not provided by their bank or credit card company) that will constantly monitor their credit information for unusual activity and take precautionary measures. If this is not affordable or provided to them, consumers can use free online tools to check whether their information was included in the data breach.
However, financial experts also recommend that consumers do their own due diligence when it comes to monitoring their information and accounts. Marcelo Barros, Global Markets Leader at cybersecurity education gamification platform Hacker Rangers, suggests that consumers "start by closely monitoring bank and credit card statements for any unauthorized transactions. Place a fraud alert on your credit report to ensure that new credit requests are carefully scrutinized. For enhanced protection, consider placing a credit freeze with the credit bureaus to prevent new accounts from being opened in your name. However, be aware that this could affect your ability to obtain new credit."
Barros also suggests that consumers take caution when it comes to their identity information. "Stolen information can be sold and traded on the dark web, so stay alert for any unusual activity associated with your name," he explains. "Check with the affected company to see if they could offer identity theft protection services that can alert you to misuse of your information. If you suspect identity theft, visit IdentityTheft.gov for assistance with reporting and recovery."
Consumers should also take steps to protect their accounts now that their personal information has been revealed. Cybercriminals and wrongdoers can use much of the information contained in the breach to access consumers' accounts, whether through direct access or as answers to "security questions" based on personal information.
As for how consumers can protect themselves from these threats, Manraj suggests, "Use a password manager such as Bitwarden or Keepass to automatically change, manage, and maintain complex, unique passwords for each online service to prevent the reuse of old passwords and use predictable patterns from their past leaked services. Also, set up two-factor authentication (2FA) with Google Authenticator or Microsoft Authenticator with all essential services — ideally all services — as soon as possible to reduce the speed at which hackers access or change essential services if their identity and passwords have been compromised."
"If the breach involved compromised login credentials, change your passwords immediately and enable 2FA for added security," Barros adds. "Last but not least, remain vigilant. Clean up your personal data online and delete accounts and information from websites you no longer use. This helps reduce your risk by minimizing your digital footprint."
Watal also suggests that better education about the risks of identity theft could help curb its negative impacts. "Consumers can build their general awareness of identity theft mechanisms and safeguards from things like phishing, pretexting, skimming, and dumpster diving," he says. "This way, they can prevent other data points from being stolen beyond their social security number, like date of birth."
Although a breach like the incident mentioned above is certainly scary for consumers, they can remain vigilant about their personal information by following the advice of these cybersecurity experts.
Image Credit: Unsplash
This post was authored by an external contributor and does not represent Benzinga’s opinions and has not been edited for content. The information contained above is provided for informational and educational purposes only, and nothing contained herein should be construed as investment advice. Benzinga does not make any recommendation to buy or sell any security or any representation about the financial condition of any company.
© 2024 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.
Comments
Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.
