Protecting Your Personal Information

Equifax, one of the largest credit reporting firms in the U.S., announced on September 7th that more than 143 million consumer records had been stolen.  Yes, that's right, one of the organizations charged with safeguarding our credit and personal information was itself a victim of cyber-theft.  To put this into perspective, 143 million records represents nearly half of the total population of the United States.  Additionally, because the hackers got our most personal information, including social security numbers and dates of birth, the risk of identity theft could persist for the rest of our lives.  Adding to our sense of helplessness, nothing we could have done would have prevented the loss of our personal data.  Ultimately our data is only as secure as the locations where it is being held, and increasingly it appears that no place is safe.  Now would be an excellent time for a primal scream.  Go ahead, I'll wait.  

   According to Bloomberg Technology, U.S. Companies and Government agencies suffered 1,093 significant data breaches in 2016, a staggering 40% increase over 2015.  Unfortunately, it looks like 2017 is shaping up to be another record year for hackers.  Identities and credits cards are being stolen, hospital records held ransom, e-mail accounts compromised, people spied on with their own cameras, and on, and on, and on.  Because so much of our lives are now lived online, this malicious activity presents an ongoing threat to our safety and security.  

  So what is really going on?  Clearly, organizations are aware that hackers want to gain access to their networks, and yet data breaches continue to occur.  We know that stopping cyber-theft is a top priority for organizations, and we can assume that they have some very smart people working on the problem.  That being the case, how does this continue to happen?   One answer seems to be that large networks are so massive and complicated, that it is impossible for computer engineers to secure the entire network.  In fact, they may even struggle just to understand where all of the data resides and who has access.  As an example of the challenge, a large data network may generate hundreds of millions of security logs weekly, with any one of those being a potential threat.  In other words, there is simply too much data for engineers to analyze in real time and identify potential threats.  Another reason data intrusions are increasing is because our adversaries are becoming more sophisticated. Criminal organizations or even foreign governments may now sponsor entire teams of hackers.  Additionally, we are no longer defending solely against human hackers. Increasingly artificial intelligence agents are being used to probe computer networks for vulnerabilities.  Ironically, going forward, artificial intelligence is also one of the ways that companies hope to strengthen their network defenses and defend against cyber-intrusions.

   So although there is nothing we could have done to prevent the loss of our personal information from Equifax, we can definitely limit someone's ability to use it.   In addition to all of the usual precautions, such as regularly changing your passwords and frequently monitoring your accounts, you may also want to sign up for a Credit Monitoring service, which will notify you anytime your personal information is used to open an account. Alternatively, you can opt for even more protection by placing a Security Freeze on your credit file.  This will ensure that no one can even view your credit file without your permission.  I did this recently and the entire process took no more than fifteen minutes.  In order to place a security freeze on your file you will need to contact the three main credit reporting firms (Experian, Equifax and Transunion), either online or via telephone.
   In summary, a war for our personal information is raging in cyber-space, and as of now our side is losing.