Believe it or not, two out of three people in the United States have had their personal information stolen by cyber-criminals. The likelihood is that this has already happened to you, and if not, it will happen eventually. And if it has happened, it will probably happen again. Why is this?
Even if you never click on a phishing email, use a password manager to create and store longer, randomly generated passwords, and couple this with two-factor authentication, your data is still at risk. The reason is that in most cases, the cyber-attackers are not getting the information directly from you, but are stealing it from servers where your information is stored alongside the information of thousands or millions of other people. This is because the companies that we have entrusted with this information are not doing a very good job of securing it. In all too many cases the information is not encrypted. Even passwords are occasionally found to be stored in plain text, or hashed using weak, easy-to-crack methods such as MD5 or SHA-1.
There is no way for us, as individuals, to protect ourselves from these sorts of security breaches. The best way to protect your personal information is to identify what information is the most important. Here are some categories that we believe are important to protect:
- Personal data that could help criminals target us in the virtual and the physical world.
- Financial information such as bank, investment, and retirement accounts.
- Important personal information including medical records, income records, and tax filings.
- Professional information that affects how well we can earn an income, deliver goods or services, or interact with customers and co-workers.
- Information about our social reputation that impacts how we interact with family, friends, coworkers, and others.
Over the next five posts, we will look at ways to protect yourself and, more importantly, detect and recover from the loss of personal information to cyber-criminals.