Identity theft and hacking happens far too often, so it’s essential to protect yourself and your finances.
In 2013, we were shocked when Target Corp. announced that the credit card information of 41 million customers was compromised after a hacker gained access through credentials stolen from a third-party vendor.
In 2017, Equifax, a credit reporting agency, reported a hack that revealed the personal information of up to 143 million Americans, 15 million British citizens and 19,000 Canadians.
In 2020, a massive cyberattack occurred when SolarWinds, an Austin, Texas-based technology company, delivered a software update that included malware attached by hackers.
Ironically, SolarWinds sells its Orion software to thousands of companies, and it is intended to monitor their computer networks. SolarWinds estimated that 18,000 customers, including about 40 government agencies, received the update and were exposed to the hack.
Government agencies included the Pentagon, Treasury Department, Energy Department, US Postal Service, and Department of Homeland Security. Once the data is stolen, we don’t know who has access to it or how they can use it.
Recently, hackers changed their strategies and used a form of malware that encrypts files on a computer system. Once hackers infiltrate a computer system, they demand a ransom in exchange for file decryption. This strategy has been used in recent years to attack the computer systems of cities and towns, including Atlanta; Baltimore; Denver; Knoxville, TN; New Orleans; and Tulsa, Oklahoma.
In some cases, the ransom has been paid, although there is a concerted effort within the United States Conference of Mayors to stop paying ransoms.
Most recently, in January 2022, computer systems at Bernalillo County and Albuquerque Public Schools were hacked.
Being hacked is not always an indication that the company or city has been lax in its IT security policies.
Hackers have many ways to access it. I assume most personal information – including social security numbers, dates of birth, addresses, tax records, credit card numbers, emails, passwords and investment details – have been stolen and are accessible to cyber criminals and their malicious activities. This puts us at risk of having our identity stolen, having money illegally withdrawn from our bank and investment accounts, having our credit cards used fraudulently, and having tax refunds stolen. .
What can you do?
According to the Department of Justice website’s definition, “identity theft and identity theft are terms used to refer to all types of crimes in which a person wrongfully obtains and uses the personal data of ‘another person in a way that involves fraud or deception, usually for economic gain.’
Ngo Minh Hieu was a hacker who ran an online store that sold the stolen personal information of approximately 200 million Americans. He spent seven years in prison and now helps people avoid cybercriminals. An article by Cezary Podkul for ProPublica (January 27, 2022) reported that creating an infallible shield is impossible, but Ngo Minh Hieu and Podkul recommended several steps to reduce the risk. These are listed below, along with some of my own recommendations:
• Do not reuse passwords. In other words, don’t use your pet’s name for every website you visit. You should use long and complex passwords that are different for each site. Write them down on a master list of passwords. Or use an encrypted password manager, such as LastPass or 1Password.
• Review your credit reports and cancel any unnecessary credit cards. If there are any errors in your credit report, take the time to have them corrected. One way to access credit reports from the three credit reporting agencies is through the website www.annualcreditreport.com.
• Freeze your credit records. The freeze will restrict access to your credit file, so criminals won’t be able to open a new account or credit card in your name. If you decide to buy a car or apply for a new credit card, you can lift the freeze for a few days. Freezing and unfreezing your credit reports is free and websites are provided in the box.
• Consolidate and then close any redundant bank accounts or investment accounts.
• Review your bank statements, investment accounts and credit card statements monthly.
• Avoid clicking on links you did not request. Criminals are always trying to gain access to your computer, so you should be very careful before opening anything that looks suspicious. The cute videos that your friends email you may contain malware.
• Be careful with social media. The personal information you shared on Facebook or LinkedIn can be viewed by criminals. You can check the privacy settings on the sites or buy a service like DeleteMe to help you delete personal information.
• Keep your computer software up to date.
• Back up your computer data and files regularly or automatically.
• Configure two-factor authentication when possible. This provides a second level of security if you access websites for your bank or investment accounts.
Implementing some of the tips above takes time. However, if they help you avoid identity theft or becoming a target of cybercriminals, it’s a wise investment of your time.
Credit Bureau Contact Information
Equifax: http://www.equifax.com/personal/credit-report-services/credit-freeze/ or by phone at 800-685-1111
Experian: http://www.experian.com/freeze/center.html or by phone at 888-397-3742
Transunion: http://www.transunion.com/credit-freeze or by phone at 888-909-8872
Donna Skeels Cygan, CFP, MBA, is the author of “The Joy of Financial Security”. She was a paid financial planner in Albuquerque for more than 20 years before retiring in 2021. She welcomes readers’ emails at [email protected]