Companies, organizations and agencies that hold and transmit people’s personal information should keep it reasonably secure from unauthorized access and use. But what if there is a data breach that exposes the information? How should the breached entity help those affected? Should it offer them identity theft services?
In the Office of Personnel Management breach and the Anthem healthcare breach—just to name two of the record-setting numbers of data breaches that happen each year—millions of US citizens had all of their highly-sensitive personal identifiable information (PII) stolen by hackers. This data included names, birth dates, Social Security numbers, and in some cases even fingerprints, which virtually handed over these citizens’ entire identities to criminals.
When news breaks of another large-scale data breach, especially one that affects millions of consumers at a time, it’s all too easy to envision a faceless hacker who sits safely outside the reach of the law. But the reality of data breaches is that a significant number of them are “inside job” attacks, whether intentional or accidental.
Medical data breaches continue to happen at an alarming rate. It’s bad enough that someone has made off with your complete identity thanks to the amount of information a doctor’s office or medical center needs, they’ve also potentially stolen your complete medical history, and there are many different ways that can hurt you.
Data breaches are a possible threat to any business, no matter how big or small and no matter what type of industry. In fact, since the Identity Theft Resource Center started tracking data breaches in 2005, almost every year has seen a record number of breaches and hacking events in everything from major retailers to mom-and-pop businesses.
News broke this week that an alleged data breach may have exposed the email accounts and passwords of millions of Yahoo users, resulting in the sale of their information online. What makes this an “alleged” data breach? The fact that Yahoo has yet to confirm it, and the fact that anyone can claim to have hacked and stolen personal information.
The latest in a growing list of major retail data breaches is the popular Cici’s Pizza chain, who announced that locations in seventeen states had suffered a data breach within the POS system. The result of this breach was that customers’ payment cards were compromised.