Wells Fargo Data Breach - Not Your Typical Breach
When there’s news of a data breach, the public tends to have some urgent questions. Was my account information stolen? Have my funds been stolen? Is a criminal opening a new account or buying a car in my name right this very second?
Given the recent history of data breaches, those are all logical concerns. But it’s important to understand that not all breaches are equal, depending on the information that was stolen, the mechanism by which data was exposed, and the intent of the parties involved.
Wells Fargo just suffered a data breach…technically. In this case, a lawyer subpoenaed some information relevant to a lawsuit, and the information that was accidentally shared with the attorney was the wrong information. Instead of the pertinent data related to the case, a CD containing highly sensitive information about a significant number of Wells Fargo clients was sent over.
So yes, this is technically a data breach in that an unauthorized user gained access to sensitive information—including Social Security numbers and account details—for some 50,000 customers and employees. However, this is almost certainly not a cause for alarm. Should the attorney attempt to do anything illegal with the data, there is a clear record of who gained access to it, which could lead to potential repercussions from the lawyer’s State Bar Association. As such, in this particular breach incident, there is little chance that this event will lead to crimes like identity theft, account takeover, or fraud.
The lesson here is that any data breach might be cause for alarm, but that doesn’t mean every data breach is. The ones who should worry about this kind of event are the ones who mishandled customers’ data, not necessarily the customers themselves. Of course, it’s always a good idea to engage in preventive behaviors like monitoring your credit reports, contacting your financial institutions every time you see suspicious activity, and changing your passwords on your online account regularly.