Many of us are said to have data breach fatigue, which means that due to so many massive data breaches occurring in recent years, such as the Equifax data breach of 2017 in which 145 million people had personal information stolen, we have become numbed and fail to appreciate how serious these data breaches are. This is a mistake because the personal information stolen in data breaches often can lead to identity theft in various forms including having your bank accounts hacked and stolen. Recently security expert Brian Krebs disclosed that First American Financial Corp, a multi billion dollar title insurance company had a vulnerability on its website that enabled anyone to access approximately 885 million of their records including their customers’ bank account records, Social Security numbers and a wide range of other personal information of their customers going back to at least March of 2017.
Because these records were not stolen in an intentional hacking, but merely exposed by a vulnerability already existing in First American’s website and record keeping, it is presently totally unknown if criminals have already had access to these records. First American has acknowledged the defect that permitted unauthorized access to its customers’ records and has disabled the website that maintained the records, but it is not known how much damage may have already been done.
A good place to start protecting yourself from data breaches is by finding out in which data breaches your personal information has been compromised. You can do this by going to the website, https://haveibeenpwned.com/
One of the biggest lessons from the myriad of data breaches is to make sure that you use unique passwords for every online account that you have in order to avoid having a sensitive account, such as your online banking account compromised because you use the same password as you do for another relatively meaningless account that had poor security which led to a data breach in which your password was stolen.
Creating and remembering strong, unique passwords for each of your accounts is not as difficult as it may appear. You can start with a strong base password constructed from a phrase, such as IDon’tLikePasswords. Add a few symbols like !!! and then adapt it for each account you have so that you will have a secure and easy to remember password for each of your online accounts. Thus, your Amazon password could be IDon’tLikePasswords!!!AMA.
Whenever possible use dual factor authentication for your accounts so that when you attempt to log in, a one-time code will be sent to your cell phone to insert in order to get access to your account. For convenience sake you can set up dual factor authentication so that it is only required if you are logging in from a different computer or device than you normally use.
Also, with your email address commonly known by many scammers, you can expect to receive more and more phishing and more dangerous, specifically targeted spear phishing emails that attempt to lure you into clicking on links containing malware or try to convince you to provide personal information that can be used to make you a victim of identity theft. Never click on links or provide personal information in response to an email or text message unless you are absolutely sure that the email or text message is legitimate. The danger of information taken from the data breach at First American Financial Corp. being used for spear phishing emails is particularly high so if you were a customer of theirs, you should be skeptical of any communication you receive purportedly from them.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”