In the last few days, we have learned of successful major ransomware attacks at the U.S. Marshals Service and Dole Food Company.  Ransomware attacks in which the targeted victims data is stolen and encrypted in a manner that the victim cannot access is done primarily for profit.  If the victim pays a ransom, the criminal provides a key to decrypt the data.  The data stolen from the Marshals Service would enable the criminals to identify Marshals Service employees as well as people under investigation while the data stolen from Dole resulted in the stopping of deliveries of Dole products.  These attacks along with data breaches in which sensitive information is stolen from companies, government agencies and other institutions are increasing at an alarming level which creates a problem for all of us because regardless of how careful you are as to protecting your personal information, you are always at risk of having your information compromised by a data breach or ransomware attack at a government agency, company or other institution with lax security.

So what can you do?


The question is not if you will become a victim of a data breach or ransomware attack at a company, government agency or other institution that has your information, but when.  One important lesson is to limit the amount of personal information that you provide to companies and websites whenever possible.  For example, your doctor doesn’t need your Social Security number for his or her records.

You should make sure that you have a unique password for each of your online accounts so that if one of your passwords is compromised in a data breach, all of your accounts will not be in danger.  If your information is compromised in a data breach, you should immediately change the password for that account.

If you have not already done so, set up dual factor authentication for each of you accounts where it is available. This will protect you from having those accounts stolen by someone who may have access to your password.  And while you are at it you should get a PIN from your cellular service carrier so that a particularly enterprising cybercriminal cannot thwart your dual factor authentication by doing a SIM swap which would result in a dual factor authentication text being sent to the criminals cell phone.

Freezing your credit is something everyone should do.  It is free and easy to do.  In addition, it protects you from someone using your identity to obtain loans or make large purchases even if they have your Social Security number.  If you have not already done so, put a credit freeze on your credit reports at all of the major credit reporting agencies.  Here are links to each of them with instructions about how to get a credit freeze:

Even after freezing your credit reports, you should still regularly monitor them to look for indications of identity theft.

If you are not a subscriber to and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link.