The huge data breaches of the past few years, like those of retailers Target Corp., Home Depot and Neiman Marcus, have put more and more people at risk of identity theft. In fact, individuals whose data was exposed in a data breach are three times more likely to be identity theft victims than those who have not been exposed, according to a new report.
This is startling news to anyone who received a notification that their information was involved in a breach, despite any assurances that the info was not believed to be used for fraud. The fact is, they might not even know that their identity has been stolen.
The identity theft data has implications, and lessons, for both merchants and consumers. For merchants, it is a wake-up call that a higher standard of data security is absolutely necessary. First of all, the potential liability from such breaches can be huge. Secondly, consumer confidence and trust are easy to lose, but difficult to earn back. The same study showed than going forward, nearly 30 percent of data theft victims avoided doing business with the merchants who failed to protect their information.
If large corporations are susceptible to such widespread breaches, we know that smaller and mid-size companies are likely even more at risk. They typically have even fewer controls and less robust data protection methods. Even more worrisome is the fact that the risk extends far beyond just merchants.. Hospitals, universities, associations, services and any organisation that stores data to any degree can be a target for cybercriminals. The risk is high and nearly every company is lagging behind in proper data protection.
The experts at CRI Group handle this threat under their Corporate Security and Resilience approach. When working with clients to increase data security, they are quickly assessing the gaps in their protection and applying industry best practices to improve controls. The data breach problem isn’t going to disappear on its own, and companies getting the expert help they need to lock out thieves will be the only approach that discourages such fraud in the future.
Consumers are also having to take action. While those who have had their data exposed are most at risk, anyone should take the following steps to make sure their identity hasn’t been compromised:
· Watch for red flags. Notifications from merchants about purchases you did not make, or from banks about accounts you haven’t opened, are signs that you may be a victim of fraud.
· Change your passwords and check your information online. Especially for online banking and online merchants that you use on a regular basis, you should change your passwords regularly. Also, check both your shipping and billing address in your online accounts to make sure nobody has changed this information.
· Check your credit report regularly. In the U.S., your credit report is free once a year. If you suspect you might be a victim of identity theft, you should take further steps to have a security alert placed on your account and check it on a regular basis. Look for any irregularities – new accounts opened, notices for overdue accounts or collection actions.
Identity theft isn’t going away. The difference going forward will rest with how many corporations take the needed steps to protect their customers’ information. And whether consumers can catch the warning signs of fraud and take action before their finances are severely damaged.