If Data Breaches Are Inevitable, How Can Consumers Protect Their Identity?

Cybercrime risk in Australia isn’t just increasing – it’s exploding at an almost exponential rate. As reported by the ABC, recent ACCC data shows that Australians lost more than $47 million per month from January to September this year, based on reports to the government body.

That’s a 90 per cent increase in losses compared with the same period last year. With just 13 per cent of victims reporting their losses, the actual losses to cyber crime are likely to be vastly higher.

That jump in cyber crime also came before the multiple high-profile data breaches at large organisations that have occurred recently. Those breaches exposed the majority of Australians’ details to cyber criminals and put them at risk of fraud and identity theft. Already the first reports of losses as a direct result of those breaches have started to filter into the media. It’s going to be an expensive time ahead for the nation.

What can individuals do to protect themselves from identity theft?

It’s almost impossible to avoid putting the data on the Internet in our modern society. The vast majority of services are run over the Internet and, even if you don’t directly input the data yourself, banks, insurers, government agencies, and businesses that you interact with daily will store your data, as a customer, in Cloud services. If there’s a breach, your data could be compromised without you ever doing anything to put it at risk.

There is the legal requirement to report to customers when a data breach has occurred, so you will know when (unfortunately, it is “when” and not “if”) your data has been compromised. However, you can also be proactive in monitoring your own identity for theft. Some of the key features of Norton Identity Advisor Plus product are tailored towards this, including:

1) Social Media Monitoring – Norton Identity Advisor Plus will keep an eye on your social media accounts and, if anything suspicious should occur, notify you immediately. This is particularly valuable for those social media accounts that you use less frequently.

2) Dark Web Monitoring – Norton Identity Advisor Plus continually scours the dark web and private forums to monitor for your personal information. Should it show up there, it will notify you of what has been stolen and sold.

 If your data has been compromised, you need to act quickly. While you might not necessarily be able to prevent the breach from compromising your data, there are things that you can do to protect yourself in the event it happens.

1) Watch for suspicious activity. A lot of the time, when a person’s data is breached, it’s not enough for the cyber criminals to act on. They’ll need more, so they’ll start to look for ways to gain the additional information. Be wary of phone calls from sources you don’t recognise, emails that ask you to confirm details, and messages about attempted password changes on your accounts. These are signs that a cyber criminal may have some data and is investigating you further.

2) Read your card and account statements closely. Any unusual transactions should be flagged immediately, even if they’re so small that you think you may have simply forgotten the purchase.

3) Any changes of details. If any correspondence with the company or service has some details changed, be sure to check when those changes were made and who authorised them.

4) Talk to an Identity Restoration Specialist. To further understand the best practice approach, as well as next steps, if can be useful consulting with a specialist. Norton Identity Advisor Plus can help here, by giving you access to expertise to assist you from the start of the process right through to the end.

There are also some steps that you can – and should – take to resecure your data immediately. That way, if cybercriminals do compromise systems that you’re on, getting the rest of the data that they need to commit identity fraud on you is much more difficult.

1) Change all your passwords and enable two-factor authentication (2FA). With 2FA, consider getting a dedicated token device, or a second, pre-paid phone that you use exclusively for that purpose. “Hijacking phones” is an increasingly common strategy by cyber criminals, where they will convince your phone company to move your number to their device, and, once they’ve done that, they can circumvent all of your 2FA defences. Most people’s phone numbers can be researched online, so having a secure number that you don’t share and isn’t public for the purposes of 2FA is an extra layer of protection.

2) Remove as much personally identifiable information from social media as possible. It might be nice getting birthday messages on your Facebook wall or Twitter feed, but your date of birth is one of the most common pieces of data for verification, and if a cybercriminal has it it can be integral to getting access to your accounts.

3) Consider freezing your credit ratings. If you are seeing suspicious activity, contact the credit reporting agencies and put a freeze on your credit ratings. This can be unfrozen when you next need to apply for credit, but it will immediately prevent identity fraudsters from using your identity to take out credit in your name.

4) Consider getting new cards and other identifying documents (such as licenses and the passport). Getting these re-issued will change the numbers and security details, making the old information worthless. Norton Identity Advisor Plus can help with this as part of its solution.

Finally, one thing that’s often overlooked in cases of identity theft is the cost of addressing it. Above and beyond the issue of any stolen money, dealing with identity theft can involve the use of lawyers and significant lost income in the time that you spend away from work. In addition to the monitoring and support features, Norton Identity Advisor Plus also includes insurance for losses and expenses related to identity theft, helping to minimise the overall impact for victims.

While the social and political pressure is on organisations to be responsible with customer data, the threat profiles out there are simply too great, and the consensus is that security is more about minimising the impact of breaches than it is preventing them. At an individual level, consumers can do their part to protect themselves by being alert, understanding how to address a data breach, and then having the right tools and solutions to support them.

For more information on Norton Identity Advisor Plus, click here.

Security