There’s no such thing as a “good” data breach, even if there are instances where the stolen information wasn’t quite as harmful as it could have been. One recently uncovered example demonstrates how the victims’ identities might not have been stolen, but damage can still be done.
Researchers have discovered in an ongoing investigation that more than 198 million voters’ profiles were found unsecured online, an interesting number considering that as of October 2016 there were only200 million registered voters in the US. The database contained an abundance of information including names, addresses, ethnicities, religious views, and political affiliation.
The information had been collected by the Republican National Committee’s data analytics firm Deep Root, then stored online on an Amazon web hosting server. A security analyst, Chris Vickery from UpGuard, discovered the unsecured information online and alerted Deep Root to its open accessibility in order to give the firm a chance to secure it before publishing his findings.
It’s important to state that no sensitive personal identifiable information—at least none that should do lasting harm to a victim’s identity or finances—is believed to have been compromised. But at the same time, the people who took responsibility for the information in the first place had an honor-bound duty to protect it. There is no way of knowing who has accessed it, which foreign hackers may have used it, or whether or not we can expect any further malicious outcome from leaving it exposed.
The compromised information included home addresses, which isn’t typically a cause for concern, but could potentially lead to unwanted mailings, mail fraud, and “dumpster diving” theft; regardless of whether or not their information was compromised, the public should always be mindful of shredding their important papers before discarding and destroying things like credit card offers, bills, and financial or medical statements.
In a data breach in which less sensitive information was accessed, there are still concerns over phishing attempts and spam emails. Victims of this kind of breach should be especially careful when opening emails and other messages, taking extra care to avoid clicking on embedded links or opening attachments as both of those methods are common forms of spreading viruses and ransomware.
Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.