JP Morgan, iCloud, the U.S. Postal Service, Target, eBay, Home Depot. What do these organizations have in common? They all have the dubious distinction of topping the list of the biggest data breaches in 2014. Anthem has joined their ranks this year with a breach that, according to Anthem, may have affected up to 80 million current and former policyholders.
Security breaches seem to be happening with increased frequency. The Ponemon Institute released a report in 2014 stating that 43% of companies experienced data breaches, and when the breaches occur, the blame game begins. The finger usually ends up pointed at the companies that house the data, and their IT and security protocols. Are these companies negligent in the loss of sensitive customer data? Or are they doing their best to keep up with these highly motivated hackers in an ever-changing landscape of cyber insecurity? That is a question for the U.S. Federal Trade Commission to answer, but the decision doesn’t matter much to those who suffer the effects of stolen personal information: regardless of who is to blame, the result is the same.
While identity theft is the most common consumer complaint in the United States, the percentage of U.S. households reporting it in 2013 was just 7%.1 In other words, the likelihood that you will fall victim to identity theft – even given the data breaches that occur – is still relatively small. The media tends to sensationalize identity theft as if it is rampant. In February, CNN Money reported that every two seconds, another American becomes a victim of identity theft. This sensationalism can be counterproductive; suggesting that becoming a victim is inevitable, and that little can be done to protect oneself. While there is no way to guarantee protection against identity theft, there are some simple ways to decrease the likelihood.
The majority of fraud associated with identity theft is the misuse of existing credit cards and existing bank account information. Most institutions provide protection against fraud for your existing accounts, often limiting your personal liability to zero. If you fall victim to this type of fraud, most cases can be resolved quickly.
The most troubling breaches are the ones in which social security numbers, bank account, and/or credit card information are compromised. This can open the door to thieves who have the intention of using this personal information to assume your identity, sometimes to commit fraud or other criminal activities. While this misuse of personal information accounts for less than 15% of all reported types of identity theft, it can bring with it more significant stress and hassle than the more common misuse of existing credit cards and accounts.
Here are some of the things that identity thieves can do with your information: 2
- Open new lines of credit using personal identification information
- Open bank accounts and write bad checks
- Forge checks to wipe out bank accounts
- Apply for auto loans
- Commit other crimes and then give the victim’s name to the police during their arrest, instead of their own
Disturbing? Yes. Inevitable? No, even if you are a victim of personal information theft. If you look at the list above, one common strategy for identity thieves is to open up new accounts or loans, as opposed to tampering with your existing accounts. One way to protect yourself from identity theft is with a “security freeze,” also known as a “credit freeze.”
A security freeze allows you to restrict access to your credit report. Why is this important? Since most creditors need to see the credit report before approving new accounts, having a security freeze in place makes it much harder for thieves to succesfully open new accounts (it cannot, however, prevent them from making changes to existing accounts, so always monitor those closely). It is easy to put a security freeze in place for all three of the credit reporting agencies: Equifax, Experian, and Transunion, and in many states, it is also free to do so. Once in place, you can lift the freeze (either permanently or temporarily) to open new accounts, apply for a job, purchase insurance, or perform other credit-related transactions. There is a nominal cost for lifting a freeze, which varies by state. Having personally set and lifted security freezes, we can attest to the ease and convenience of the process. While you should make every effort to monitor your existing accounts for fraudulent activity, having a security freeze in place can give you peace of mind.
If you’d like to learn more about credit freezes and how to put one in place, please visit one of these resources. And if you are a client, please let us help you implement your security freeze.
1Identity Theft / Fraud Statistics, Source: U.S. Department of Justice, http://www.statisticbrain.com/identity-theft-fraud-statistics/
2Adapted from Identity Theft: What you can do to protect yourself, Office of Inspector General, https://www.nsf.gov/oig/identitytheft.pdf