Three days ago the Maine state government confirmed that many of its departments had suffered a data breach affecting 1.3 milli0on people with large amounts of sensitive information including Social Security numbers compromised. The data breach at Maine, however was not a result of their computers being hacked directly by cybercriminals, but rather was done by exploiting a vulnerability found in MOVEit software used by Maine as well as 620 other organizations including American Airlines, TD Ameritrade, Johns Hopkins University and other users of the same software who can be assumed to also have suffered data breaches affecting an estimated 40 million people. I have been telling you about these data breaches for months.
This supply chain attack brings back memories of the 2020 SolarWinds supply chain security breach. SolarWinds is a company that provides system management software to 30,000 companies and government agencies. Hackers exploited a vulnerability in its software that, in turn, led to data breaches at thousands of governmental and private entities.
Last year, there were more than 1,800 reported data breaches and probably many more that were not reported affecting 422 million people. The question is not if you will become a victim of a data breach. The question is when.
As I have reminded you many times, we are only as safe and secure as the security of the companies, government agencies and websites that have our personal information. Even if you are extremely diligent in protecting your personal information, you can be in danger of identity theft and scams if your personal information falls into the hands of hackers.
So what can you do to protect yourself from these data breaches that will be occurring?
One important lesson is to limit the amount of personal information that you provide to companies and websites whenever possible. For example, your doctor doesn’t need your Social Security number for his or her records.
You should make sure that you have a unique password for each of your online accounts so that if one of your passwords is compromised in a data breach, all of your accounts will not be in danger. If your information is compromised in a data breach, you should immediately change the password for that account.
If you have not already done so, set up dual factor authentication for each of you accounts where it is available. This will protect you from having those accounts stolen by someone who may have access to your password.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/