Data breaches are becoming more common these days. In fact, 75% of all U.S. retailers have suffered a data breach at some point, and half have been hacked over the past year.1
But retailers aren’t the only target. Cybercriminals have hacked major corporations across all industries, as well as social media platforms and even credit bureaus. A recent report in Wired claims that some 773 million records — email addresses, passwords and more — had been stolen and shared among hackers in an online forum.
The threat of hacking isn’t going away anytime soon. While you may not be able to control what happens to companies, the good news is that there are simple, practical steps you can take to reduce your likelihood of becoming a victim.
In recognition of Data Privacy Day, which occurs every year on January 28, here are some ways to protect your personal data:
How to protect your personal info online
- Use unique and complex passwords — We all know that “password123” doesn’t cut it. To be extra safe, make a password only you understand and create different passwords for all your accounts. If you need help creating or remembering them all, try a password manager.
- Use Technologies Designed to Protect Your Security — Precautions like 2-Factor Authentication (2FA), fingerprint and facial recognition apps, and security questions which require a correct answer can go a long way toward preventing authorized access to your data.
- Be careful using public Wi-Fi — While convenient, most public Wi-Fi connections are unsecured. If you need to do some online banking or shopping, wait until you get home and use your own secure network.
- Keep personal information off social media — This gives new meaning to the term “oversharing.” No matter what, never publish the following information on any account: year of birth, address, phone number, Social Security number or mother’s maiden name.
- Beware the “Phishermen”: Don’t open suspicious files, links or emails — Phishing is a type of scam where criminals send phony messages such as emails that are designed to trick you into giving up personal information. Examples of phishing include messages claiming that an account you have is about to be deactivated, along with a link to a page asking you to enter your login credentials to prevent this from happening. Others involve fake websites designed to look exactly like a real one where you log in, such as a bank website. If you enter your username and password— they’ve got you. Always check to make sure the website URL is correct to the letter…if something doesn’t feel right, exit immediately and don’t open any links or download any files. (Check out this list of common phishing scams)
- Read app permissions before clicking “I agree” — It’s common to just accept these permissions because you want to get on with your life. Don’t. In doing so, you might be unintentionally giving them access to your GPS data, message history, camera and contact list. Make sure you’re ok with all the permissions before accepting.
Tips for keeping your private information safe offline
Paper documents, whether personal or professional, can provide plenty of data for identity theft. Here are some common rules for protecting your offline information:
Lock all documents in a safe — Birth certificate, SSN card, tax returns and all other sensitive documents should be locked in a safe or bank locker. As a bonus, this can help you stay more organized, too.
Shred unwanted paperwork and mail — Ever heard the phrase “one man’s trash is another man’s treasure”? If you don’t shred sensitive paperwork or mail before throwing it away, criminals can use it to steal your identity.
Limit what you carry — Do you really need to take your SSN card to the grocery store? When you leave the house, only take the ID, cash and credit card you need for that trip.
Keep your health plan information private — Criminals can use your name or health insurance numbers to see a doctor, get prescription drugs and file claims with your insurance provider. Prevent medical identity theft by destroying prescription bottle labels and avoiding “free” health services or products.
Be cautious with your mail — Your mailbox can be a nonstop source of information for identity thieves. If you can’t pick up your mail soon after it’s delivered, consider getting a locking mailbox. If you need to mail something sensitive, take it to a drop box. And if you won’t be home for a long period of time, request a vacation hold from the USPS.
Stay on guard 24/7
Identity theft is a round-the-clock issue that affects everyone, everywhere. The best way to protect yourself is to keep your guard up and stay one step ahead.
If you believe that you’re a victim, here are some tips on what to do if your identity is stolen.
1. Thales Security. “2018 Thales Data Threat Report – Retail Edition.” ThalesSecurity.com. https://www.thalesesecurity.com/2018/data-threat-report-retail (accessed January 17, 2019).
*Joe Guida contributed to this article.