In the Scam of the day for December 22, 2023 I first told you about the data breach affecting all thirty-six million customers of Internet service provider Comcast Cable Communications which occurred between October 16, 2023 and October 19, 2023 in which usernames, hashed (encrypted) passwords, birth dates, security questions and answers as well as the last four digits of the Social Security numbers of its customers were compromised.  Some people might mistakenly believe that having only the last four digits of their Social Security number in the possession of scammers does not put them in jeopardy.   It most certainly does.  The first three digits of your Social Security number relate to where you live and is easily determined; the second two digits are group numbers that until 2011 were based on when you obtained your Social Security number and are even available on the Social Security website for years up till 2011, but even for numbers issued after that date, there are only 99 possibilities so it is not particularly difficult for an identity thief to determine your Social Security number with just the last four digits.  Armed with your Social Security number, a criminal can make you a victim of costly identity theft quite readily.

A class action against Comcast alleging negligence in protecting the personal information of its customers was filed shortly after the data breach and the case has now settled with Comcast agreeing to pay $117.5 million.  As is common in such settlements, Comcast did not admit liability.  Class members can receive reimbursement for out-of-pocket expenses and lost time.  Alternatively, class members can choose a cash payment of $50.  In addition to the cash payments, Comcast is also offering class members three years of credit monitoring, dark web monitoring, authentication alerts, high-risk transaction monitoring, identity theft insurance and monthly credit score tracking.  The deadline for filing a claim is August 14, 2026.  Here is the link to where you can file a claim. https://forms.ksacms.com/efiling/fr/eform/comcastbreachsettlement_claimform/new?form-version=1&fr-wizard-page=section-1

Regardless of whether you were affected by this particular data breach, we are all likely to be victims of future data breaches. So what can you do to protect yourself from data breaches that will be occurring?

TIPS

One important lesson is to limit the amount of personal information that you provide to companies and websites whenever possible.  For example, your doctor doesn’t need your Social Security number for his or her records.

You should make sure that you have a unique password for each of your online accounts so that if one of your passwords is compromised in a data breach, all of your accounts will not be in danger.  If your information is compromised in a data breach, you should immediately change the password for that account.

If you have not already done so, set up dual factor authentication for each of you accounts where it is available. This will protect you from having those accounts stolen by someone who may have access to your password.  However it should be noted that the malware responsible for this particular data breach is able to bypass password requirements and dual factor authentication.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/