Unless you have been on a news fast, chances are good that you can recall at least a couple of recent major data breaches. Sadly, chances are also good that you might have been a victim of at least one of these epic security breakdowns, resulting in your personal information falling into the wrong hands.
With that in mind, let’s look at three of the most massive security breaches in recent history, as well as what people and/or the companies could have done to make the situation better:
In early September, Equifax, one of three nationwide credit reporting companies, admitted that a giant breach in cybersecurity compromised the personal information of as many as 143 million Americans. This works out to almost half of the people in our country who were impacted by this situation. Compromised info included names, social security numbers, birth dates, addresses and in some cases, driver’s license numbers. Equifax also said the credit card numbers belonging to around 209,000 people were exposed.
Unfortunately, Equifax didn’t announce the breach, which took place between mid-May and July, until over a month later. In a perfect world, a company that finds out it has been the victim of a massive data breach should announce this finding immediately, giving victims the chance to immediately take steps to prevent identity theft. To their credit, Equifax did allow people to check for free if their identity had been compromised; they also dispelled rumors that doing so would result in those consumers not being allowed to take part in any class action suits that may arise.
In general, a solid way that consumers can protect themselves from becoming a victim of identity theft — either through the Equifax snafu or whichever breach may be coming up next — is by signing up for a credit monitoring program from a company. They will keep an electronic eye on all personal data 24/7, and will immediately let you know if something is amiss; then they will take the steps necessary to fix the situation.
Yahoo announced in September, 2016 that it had been the victim of the largest data breach in history — probably by a “state-sponsored actor” — back in 2014. Compromised personal data included names, email addresses, dates of birth and phone numbers of 500 million people. By December, 2016, Yahoo admitted that a different group of hackers had gotten access to a whopping 1 billion accounts; this breach also included security questions and answers.
In October of this year, Yahoo revised their 1 billion estimate, admitting that all 3 billion user accounts had been compromised by this massive breach. These troubles led to Yahoo, which was in sales negotiations with Verizon, to lose $350 million of its value; Verizon eventually paid $4.48 billion for Yahoo’s main internet business and it now goes by the name of Altaba, Inc. While it may seem like there is little to do in the case of such a massive breach, the Yahoo situation serves as a good reminder that passwords should be changed regularly on all sites, as should security questions and answers.
Earlier this year a Verizon partner Nice Systems exposed as many as 14 million records of Verizon subscribers. Customers who called the mobile phone company’s customer service department were then found on an unprotected Amazon S3 storage server. Each record included the customer’s name, cell phone number and their account PIN, which, if obtained, could allow cybercriminals access to the subscriber’s account. In addition, each record contained the customer’s home and email address, current balance data and if it was a federal government account.
This situation illustrates how important it is for major companies to know how partners keep their customers’ data secure; as a consumer, you can always ask who is managing your personal information and how it is stored.