Data breaches continue to a major problem for all of us. Regardless of how well you protect the security of your personal information on your own computers and devices, you are only as safe as the places that hold your information with the weakest security. Earlier this week American Airlines confirmed that it had suffered a data breach in July that compromised personal information of both employees and an undetermined number of customers. The stolen information included names, dates of birth, mailing addresses, phone numbers, email addresses, driver’s license numbers, passport numbers and even medical information.
It is distressing that although American Airlines became aware of the data breach in July, it did not notify affected people until mid September.
American Airlines is offering affected people two years of identity theft protection services provided by Experian. Here is a link to a prototype of the letter being sent by American Airlines to its customers and employees describing the data breach and how to apply for the identity theft protection services. https://media.dojmt.gov/wp-content/uploads/Consumer-Notification-Letter-566.pdf?mod=djemCybersecruityPro&tpl=cy
Hackers who have your cell phone number or email address may use that information to formulate phishing phone calls referred to as Vishing or spear phishing emails to lure you into clicking on malware infected links or provide personal information. Because whenever you receive an email, phone call or text message you can never be sure who is actually contacting you, you should never click on a link or provide personal information in response to such communications until you have absolutely confirmed that the communication is legitimate.
Your phone number also provide other problems. When a criminal knows your cell phone number, he or she can leverage that number through commonly available legal databases such as White Pages Premium and learn information such as your current address, past addresses, the names of your family members and more. The criminal can also use the number to gain access to your social media accounts and can most significantly use the information gained to answer security questions that would allow the criminal to do a SIM swap whereby your cell phone number would be transferred to a phone of the criminal and thereby defeat dual factor authentication where you get a text message or a code sent to your phone when you go to access your bank account online or any other account that requires significant security. I wrote a Scam of the day for June 20, 2022 that goes into detail as to how to protect yourself in regard to the privacy of your cell phone number. Here is a link to that Scam of the day. https://scamicide.com/2022/06/19/scam-of-the-day-june-20-2022-why-you-should-keep-your-cell-phone-number-private/
Anyone affected should freeze their credit at each of the three major credit reporting bureaus. In fact, freezing your credit reports is the single best thing anyone can do to help protect themselves from identity theft. I urge everyone to do so whether or not you were affected by this data breach.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, you can sign up using this link. https://scamicide.com/scam-of-the-day/