by Brian Thompson | Sep 22, 2022 | Breach, Identity Theft
So we hear ads about Identity Theft Protection pretty much every day now. But what’s ID Theft Protection, and what is the benefit?
Why should you care?
Because this is happening every day to people you know…causing stress, anxiety, problems at work and with family, and sleepless nights!
First, identity theft is not entirely avoidable, but there are things you can do to protect yourself. An Identity theft protection service can alert you to potential fraud and restore your identity if it gets stolen.
Identity Theft providers do the hard work for you. They do this by searching for your personal information on the dark web, social media, and other databases that can indicate bad actors have your information. Victims who are protected with an Identity theft protection program can turn to recovery advocates. Recovery advocates work for the provider and are specialists in Identity Theft Recovery services. The advocate will take over and complete tasks on behalf of the victim to ensure all concerns and steps are taken care of properly. Many services also offer insurance that can offset legal fees and other expenses related to restoring your identity.
What is identity theft protection?
Identity theft protection services monitor websites and databases for signs of your personal information, such as your social security, driver’s license number, medical ID, and bank account numbers.
When the provider finds your information where it should not be, they will send an alert suggesting a variety of actions. Monitoring will include a variety of places including sources such as, but not limited to:
- Dark web
- *Credit Monitoring
- Social media
- Change of Address Monitoring USPS
- Home Title Changes
- Court Records
- Utility, cable, or wireless services
- Payday loan applications
- Public Records
*Many identity theft protection services also include credit monitoring features. This generally provides notifications when credit is pulled and for changes to your credit report. Changes such as an increase in a credit card balance or a new account opened in your name, can indicate fraud.
And if your information is compromised, identity theft protection services kick in and help you resolve the issue. Most providers also include identity theft insurance, which offers up to $1 million for eligible expenses associated with resolving and restoring your identity, plus assistance from experts.
Buy or not to buy?
Identity theft protection services provide “Peace of Mind with a Place to Turn”. They help you detect fraud early, making it easier to stop the damage before it becomes an even bigger headache. These services are not free but they are a proactive solution to securing your personal information.
Before you sign up for one of these services, take time to understand how these services work to spot fraud and help you restore your identity. Just like in any industry, not all programs are the same. Pay close attention to the Recovery aspect of the service specifically!
Mitigate, Insure against losses, and be a resource when identity theft happens. The peace of mind comes with a nominal fee. Ask your employer if they offer Identity Theft Protection as an employee benefit!
by Brian Thompson | Jul 20, 2022 | Breach, healthcare, Identity Theft
Do healthcare breaches and Medical ID Theft go hand in hand?
I first want to refer back to an article from about two years ago titled Telehealth Creates Creates Cyber Risks. In the article, I stated that “the COVID-19 pandemic has increased consumer risks through cyber scams and medical identity theft.”
Fast forward one year to August 4, 2021 article titled Healthcare Data Breaches Most-Common Threats to Date in 2021. The article states, “the healthcare sector is once again in the top position as the most breached economic sector” and “healthcare has been at or near the top of the (data breach) chart since at least 2017.”
And again this year, we have seen the trend continue. Hackers hit health companies, insurers with increasing regularity – Inside
But Why Medical Records?
A primary reason ID theft criminals and cyber thieves target healthcare providers is the Electronic Health Record or EHR. EHR is the collection of patient information into a digital record. EHRs significantly improve administrative efficiency and medical proficiency through shared networks and exchanges.
A typical EHR includes
- medical history,
- medications,
- allergies,
- immunizations,
- laboratory test results,
- and radiology images.
Your EHR also includes your
- billing information such as personal information (e.g. date of birth, home address, and Social Security Number),
- insurance information,
- and financial information (e.g. credit card number).
Unfortunately, ID theft criminals and cyber thieves are mostly interested in your personal, insurance, and billing information. For this fact alone, healthcare data breaches continue to be “in the top position as the most breached economic sector.”
Things to Think About
Every health insurance plan you have ever had has your and your family’s Social Security Number (SSN). Almost every healthcare provider (such as a doctor of medicine or osteopathy, podiatrist, dentist, chiropractor, clinical psychologist, optometrist, nurse practitioner, nurse-midwife, or clinical social worker) that you or a family member have been to has your Social Security Number.
So back to the title of this article – Do healthcare breaches and Medical ID Theft go hand in hand? – the answer is a resounding YES based on the Personal Health Information or PHI that is collected, stored, and transferred through your Electronic Health Record.
To make matters worse, this article titled Organization Wide PHI Access is Commonplace at Most Healthcare Orgs reported that “nearly 20 percent of (PHI) files were open to every employee at a given healthcare organization starting on their first day of employment, pointing to troubling data security issues and poor PHI access controls.”
Based on the fact that cyber thieves are stealing healthcare data and are finding new ways to monetize phishing (fraudulent emails), vishing (fraudulent phone calls and voice mail messages) and smishing (fraudulent text messages), consumers need to pay attention to data breach news in general and healthcare data breach news in particular.
To conclude, consumers can also reduce their risk of medical identity theft by safeguarding their health insurance cards, and regularly reviewing credit reports, medical benefit explanations, medical bills, and prescription bills.
by Brian Thompson | Jun 29, 2022 | Breach, Identity Theft
Whether you are a consumer or a small-business owner Identity Theft should be top of mind. Protect yourself and your business by using these 10 tips to reduce your risk of identity theft.
First, what is Breach Fatigue or Alarm Fatigue?
Alarm fatigue is when we get desensitized to safety alerts and as a result, ignore or fail to respond appropriately to warnings. Breach Fatigue however is more specific. It’s when small business owners and consumers start to ignore the headlines of identity theft and data breaches. Fatigue desensitizes both business owners and consumers to be less likely to proactively protect themselves against the risks of identity theft.
Be proactive and prepared with these 10 Tips
Being proactive and prepared can reduce your exposure to the risks of identity theft.
Personal privacy
- Be more vigilant and hands-on with your personal-privacy settings. Also, be aware that most apps lack basic security defenses and create some sort of privacy issue.
- Stop ignoring terms and conditions. Read, understand, and use privacy settings and be diligent about your social networking. Beware of fake accounts unless you want to be a partner in your own identity theft.
- Protect your vehicle documents as if they were cash and regularly check for unusual activities after purchasing a vehicle.
- Read and understand the privacy policies of every organization you have a relationship with. Know how your information is protected, saved, analyzed, sold, and/or disclosed.
Identity theft
- Synthetic identity theft and fraud is an emerging threat. Check your credit-bureau report quarterly at no cost through annualcreditreport.com.
- No password is “unbreakable”. Do not make it easy for identity theft criminals by using weak passwords, or the same passwords.
- The best defense against phishing is to be aware that it happens every day. Assume you are being “phished” until you verify the source of an unexpected e-mail or call.
Cybersecurity
- Businesses need to understand that a data breach is inevitable. Your business profits, brand, and reputation depend on your data-breach response plan.
- Create a data breach response plan to safeguard your business against insider threats. Conduct pre-employment background screening, regularly test your business and information-security access controls, and regularly review your data retention policy.
- Cyber insurance may be a good option to help your business minimize today’s cyber-risks. Work with your insurance broker to determine your cyber-risks and the best coverage for your organization.
“the best defense is a good offense”. This strategic principle used in business, sports, and military combat for years and is very relevant for this discussion.
Protect yourself and your business by using these 10 tips to reduce your risk of identity theft. Because being proactive instead of having a passive attitude (e.g., breach fatigue) will help both small business owners and consumers be better prepared against everyday threats.
By Mark Pribish
Practice Leader, Identity Theft and Data Breach Services
by Brian Thompson | Apr 20, 2022 | Breach, Identity Theft
by Brian Thompson | Feb 9, 2022 | Breach, Identity Theft, Uncategorized
Two years ago I wrote an article asking the question Is Your Digital Identity Safe? Two days ago I read an Infosecurity Magazine article stating Identity Theft Will Get Worse. It appears that Hackers are coming after you in 2022!
Specific to your digital identity and today’s threat landscape for consumers and small businesses, cyber thieves and ID theft criminals have evolved to the point where hacking and data breaches will happen at any time and can affect anyone.
As for the statement “identity theft will get worse,” the fact is that 2021 surpassed the all-time record for data breaches exposing the Personally Identifiable Information (PII) of millions of Americans.
As a reminder, examples of PII include:
- Name: full name, maiden name, mother’s maiden name, or alias
- Personal identification numbers: social security number (SSN), passport number, driver’s license number, taxpayer identification number, patient identification number, employee or student identification number, financial account, or credit card number
- Address information: street address, or email address
- Telephone numbers
- Personal characteristics: photographic images (particularly of face or other identifying characteristics), fingerprints, or handwriting
- Biometric data: retina scans, voice signatures, or facial geometry
- Information identifying personally owned property: VIN number or title number
- Asset information: Internet Protocol (IP) or Media Access Control (MAC) addresses that consistently link to a particular person
And now our digital world, combined with a two-year pandemic, has consumers and small businesses worried. There is so much uncertainty in our world and cybercriminals, and their new scams are adding to the challenge.
Consumer?
If you are a consumer, recent digital risk examples making today’s headline news include How to avoid buying fake Covid tests online and BBB warns consumers of hackers posing as apps like Paypal and Venmo to steal your money.
Cyber thieves and ID theft criminals depend on human nature and emotion such as an individual’s tendency to trust others (e.g. phishing and vishing) and desperation (e.g. the chaos of supply chain shortages such as Covid-19 tests). These phishing and vishing tactics and fake websites have gained attention in recent weeks over the increasing number of identity theft victims.
Small Business Owner?
If you are a small business owner – trusting others and desperation are common risk factors just like a consumer – but it gets worse as Cyber risks top worldwide business concerns in 2022.
According to the just-released 12th Annual Allianz Risk Barometer Survey, cyber incidents at the top of the list. This is only the second time cyber has been at the top of the list in the survey’s history.
Cyber incidents, ransomware attacks, data breaches, or major IT outages worry businesses more than anything else. They worry businesses even more than a business interruption, supply chain disruption, or the COVID-19 pandemic.
To conclude, cyber thieves and ID theft criminals continue to find new and innovative ways to steal your personal information.
Both consumers and small business owners need to keep security education and awareness top of mind. Protecting our digital identities is crucial because hackers are coming for you in 2022.
Mark Pribish
by Brian Thompson | Dec 9, 2021 | Breach, Identity Theft
The last two years have created an opportune environment for bad actors ensuring the Cyberdemic will continue into 2022.
As we continue to migrate our lives into the digital world with remote workforces and comfort we increase cybercriminals’ opportunity for attack. This year we have seen a significant shift in the focused attacks on supply chains, home networks, and a gigantic increase in healthcare breaches.
In its latest Data Breach Industry Forecast released Monday, Experian has 5 predictions that underscore the ongoing impact of the pandemic on cybersecurity. Criminals will continue to focus on the remote workforce, the healthcare system, and will begin to narrow their targets to exploit the weakest technologies.
5 Breach Trends for 2022
- Remote Workforce
Those working from home will certainly be targets for those looking to hack into your business. According to the report, home wireless networks are more vulnerable than business VPN’s. Businesses will need to focus on securing employee connections and education.
- Infrastructure
Biden’s infrastructure bill and the trillions of dollars approved by Congress will be a target. Electrical grids, dams, and transportation networks will be heavily targeted by foreign and domestic cybercriminals. Criminals will likely be looking to target funds at disbursement by using phishing and CEO fraud.
- Digital Assets
Cryptocurrencies and NFT’s (Non-Fungible Tokens)– will become greater targets for hackers as they gain more popularity. As we begin to understand and accept these assets as normal and useful, so will the criminals. Chances are, they are just waiting to realize their worth and inevitability.
- Natural Disasters
Natural disasters often bring out the best in those doing their best to help. People will donate to organizations that aim to give aid and help those who have been affected. Criminals will take advantage of our distress and target charitable giving by phishing and masking themselves as the organizations we trust. To complicate things further, supply chains will be broken and unreliable, making important emergency goods difficult to source… another vulnerability that hackers will exploit.
- Gambling
As more and more states are legalizing gambling, phishing scams will target the growing online gambling community. Common scams will include stolen credit card information, account hijacking, or creating sites that appear to be legitimate casinos.
The Identity Theft Resource Center reports that there have been 1,291 breaches in 2021 as of September. There were 1,108 in all of 2020, which is a 17% increase in just three quarters of the year.
The past two years have caused so many disruptions in our way of living and working but we need to increase our personal and professional focus on privacy. As a result, the Pandemic has created an abundance of opportunities ensuring the Cyberdemic will continue into 2022.
