Home Page Featured 2

In fact, of the 1,255 total data breaches recorded by the Identity Theft Resource Center in 2018, 150 of were because of the mismanagement of information by employees tasked with protecting it. That means 12% of the data breaches were the direct result of mistakes in handling sensitive information, leading to 1,131,288 records exposed and potentially costly consequences for the companies involved.

April is Records and Information Management Month, and while it might not conjure up holiday-themed festive images the same way Christmas does, it is a great reminder that your information and your identity are only as safe as the people who have their hands on it.

What does it mean to mishandle information? There are numerous ways that information can accidentally fall into the wrong hands. It may be losing a flash drive or laptop with customer records on it, the theft of company hardware like laptops or even servers, reusing a weak password that lets hackers easily break into a system or failing to password protect a database of records in the first place. In other cases, the exposure resulted from improper disposal of sensitive information, such as throwing paper records in an unsecured garbage dumpster instead of shredding. In many cases, employees may fall for phishing attempts or respond to requests that appear to come from someone within the company but are actually sent by malicious imposters.

In order to protect all of the sensitive information that businesses gather and store, it is important to understand how to secure it and what can happen if it is compromised. It often starts with a solid company-wide computer use policy that outlines exactly how things like password security, email responses and data access are supposed to be enforced. Helping every employee understand the ramifications of mishandling information is important, too. Finally, a good “delete” housekeeping from time to time to permanently destroy any outdated stored records can thwart a lot of security problems before they arise.


Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC

Read next: TurboTax Breach Cause By Credential Stuffing

SAN DIEGO – Jan 28, 2019 – The Identity Theft Resource Center®, a nationally recognized non-profit organization established to support victims of identity crime, and CyberScout®, a full-spectrum identity, privacy and data security services firm, released the 2018 End-of-Year Data Breach Report.

According to the report, the number of U.S. data breaches tracked in 2018 decreased from last year’s all-time high of 1,632 breaches by 23 percent (or 1,244 breaches), but the reported number of consumer records exposed containing sensitive personally identifiable information jumped 126 percent from the 197,612,748 records exposed in 2017 to 446,515,334 records this past year.

“The increased exposure of sensitive consumer data is serious,” said Eva Velasquez, president and CEO of the Identity Theft Resource Center. “Never has there been more information out there putting consumers in harm’s way. ITRC continues to help victims and consumers by providing guidance on the best ways to navigate the dangers of identity theft to which these exposures give rise.”

Another critical finding was the number of non-sensitive records compromised, not included in the above totals, an additional 1.68 billion exposed records. While email-related credentials are not considered sensitive personally identifiable information, a majority of consumers use the same username/email and password combinations across multiple platforms creating serious vulnerability.

“When it comes to cyber hygiene, email continues to be the Achilles Heel for the average consumer,” said CyberScout founder and chair, Adam Levin. “There are many strategies consumers can use to minimize their exposure, but the takeaway from this year’s report is clear: Breaches are the third certainty in life, and constant vigilance is the only solution.”
To download the 2018 End-of-Year Data Breach Report, visit: idtheftcenter.org/2018-end-of-year-data-breach-report/

###

About the Identity Theft Resource Center:

Founded in 1999, the Identity Theft Resource Center® (ITRC) is a nationally recognized non-profit organization established to support victims of identity theft in resolving their cases, and to broaden public education and awareness in the understanding of identity theft, data breaches, cybersecurity, scams/fraud, and privacy issues. Through public and private support, the ITRC provides no-cost victim assistance and consumer education through its call center, website, social media channels, live chat feature and ID Theft Help. For more information, visit: http://www.idtheftcenter.org

About CyberScout:
Since 2003, CyberScout® has set the standard for full-spectrum identity, privacy and data security services, offering proactive protection, employee benefits, education, resolution, identity management and consulting as well as breach preparedness and response programs.

CyberScout products and services are offered globally by 660 client partners to more than 17.5 million households worldwide, and CyberScout is the designated identity theft services provider for more than 750,000 businesses through cyber insurance policies. CyberScout combines extensive experience with high-touch service to help individuals, government, nonprofit and commercial clients minimize risk and maximize recovery.

###

Identity Theft Resource Center
Charity Lacey
VP of Communications
O: 858-634-6390
C: 619-368-4373
clacey@idtheftcenter.org

CyberScout
Lelani Clark
VP of Communications
O: 646-649-5766
C: 347-204-9297
lelani@adamlevin.com