Costs of Data Breaches

2017 demonstrated what can happen when big data companies and organizations suffer hacks. Equifax, Uber, and Yahoo grabbed the headlines, but attacks also revealed information about millions of American government employees, military personnel, and voter records. FedEx, Verizon, and Netflix also suffered from attacks on their systems.

One reason for the success of these attacks seems to be the release of government-developed hacking tools to the public. Wikileaks published a description of tools reported to be from the American Central Intelligence Agency (CIA). These were later determined to be outdated but a release by a group called Shadow Brokers provided access to tools they claimed were used by the American National Security Agency (NSA) which did seem to be true. Putting such tools in the hands of groups and individuals dramatically increases the chance of successful hacks.

Another reason attacks are successful is the use of outdated software and security practices by companies and agencies. Investment in Information technology (IT) systems can be substantial. Companies and agencies often have a difficult time justifying the large sums of money necessary to patch systems or update them altogether. Lax security practices are another contributing factor. As a result, hackers find many targets they can attack.

The impact of a data breach or hack can be significant in terms of customer confidence, interruption of business, and potential damage to systems and other corporate assets. According to the 12thannual Cost of Data Breach Study in 2017, the cost per record stolen has dropped from $154 to $148 but the average size of a breach has increased to 24,000 records, taking 201 days on average to detect. When the number of records rises into the millions, the costs mount quickly.

Facts You (Probably) Didn’t Know about Identity theft

The U.S. Department of Justice’s Bureau of Justice Statistics (BJS) published a revealing report, that says an estimated 17.6 million Americans were the victims of one or more identity theft incidents in 2014. For 86 percent of these victims, the most recent incident involved the unauthorized use of an existing credit card or banking account. The BJS also noted that 45 percent of victims didn’t even know their information was stolen until they were contacted by a financial institution, and about 65 percent of all identity theft victims had absolutely no idea how a criminal gained access to their information.

Individuals can experience losses as well. In our recent blog article about how much identity thieves are willing to pay for various bits of personal and financial data, we showed that everyone’s data has some value on the dark web. As a result, all individuals are at some risk. And they should be concerned about what happens to their information.

Like companies and agencies, when an individual’s information is stolen and used, they suffer damage to their credit rating, perhaps to their personal reputation, and may end up paying for things they did not buy or to repair the credit breach. For most individuals, they are unaware that their identities have been stolen until a financial institution contacts them. The costs to fix the effects of the theft can be in the thousands.

Here are a couple of things you can do to protect yourself:

• Never click on links in emails or on pop up boxes to download software (unless you are at the software vendor’s site).
• Use antivirus and anti-malware software on your PCs.
• Secure your physical (not electronic) mail box. If possible buy one with a lock so no one can take mail containing any personal information.
• Destroy mail with personal information rather than simply throwing it away. Many identity thieves go through trash for this purpose. Have some fun with this and use a shredder! Really, it is very relaxing to shred things, at least to my family. Or start a fire or grill with them
• Consider investing in identity theft insurance if available where you live.
• Secure your communications and transactions when sending them electronically. Encryption products are available that provide a portion of the solution. For complete protection, look to CRIP.TO and our Shield and Black combination for the absolute best identity and communication protection available.

Identity theft is worth too much money for the bad actors to stop. Fortunately, we as individuals can fight back by protecting ourselves. CRIP.TO is dedicated to helping realize that goal.

Copyright © 2017–2018 CRIP.TO OÜ

Originally published at crip.to.