Published
With technology rapidly evolving, we live in a world that is constantly on the move. Because new discoveries and software updates are always occurring, it is crucial to understand how to protect ourselves online. While new technology is designed to help us and make our lives easier, that is not always the case. Each new update and innovation can also introduce new threats, which is why it is important to understand what they are, how they affect you, and what to do after encountering a threat.
What is a Data Breach?
IBM defines a data breach as, “Any security incident in which unauthorized parties access sensitive or confidential information, including personal data (social security numbers (SSNs), bank account numbers, health care data and corporate data (customer records, intellectual property, financial information)”(Kosinski, 2024). A data breach does not just affect one person; its impact can target an entire population. This population includes all the people served by a particular organization or company, such as a hospital, and all of its patients.
Through a data breach, hackers may gain unauthorized access to personal information of all affected people. Data breaches affect a wide range of people as cybercriminals typically target larger databases for a variety of different reasons. Larger sizes allow for less detection, as it is harder to keep a constant watch over everything. Larger databases also mean a larger amount of data to obtain, and these cybercriminals want to be able to take as much as possible in the smallest amount of time with minimal effort. A data breach can go undetected for as short as a few hours if it can be detected easily to as long as more than 270 days (Rodrigues et al, 2024).
Health Care Data Breaches
Hospitals and other health care facilities are frequent targets for cybercriminals because of the vast amount of sensitive personal information of all the patients. Cybercriminals are then able to hack into medical record bases which contain SSNs, credit card information, insurance information, addresses, and more (Vallabhaneni, 2024). Hospitals can lose access to their files and, in some cases, can only view their records while being unable to modify them (Reddy, 2021). These data breaches not only affect the patients, but the employees as well. There have also been cases where staff have halted work as they can no longer be paid by their respective organizations/companies (Mayer et al, 2021).
How Do Data Breaches Affect You
Data breaches allow cybercriminals to use or sell off your personal information found within a specific database. In either instance, unauthorized access to your personal information is a serious matter. With access to your personal information, these criminals can potentially use and charge your health care provider, open credit cards in your name, or even steal your identity (Moffit & Steffen, 2017). If you find that your data has been compromised, take immediate steps to lessen the damage. It is essential to check if your information was accessed during a data breach.
Start by checking official communications from the affected company or organization, as they are typically required to inform customers about a breach. When one is announced it is best to check to see if you may have any association to the database. This can be verified by seeing if the database stores any information for any organization that has personal information about you. This can be a health care provider or a credit union/bank, so be sure to check for any updates from the main organizations. The next step would be to start changing your passwords, especially for any accounts that use the same passwords and usernames as the breached account or service.
The best way to stop hackers from accessing multiple accounts is to use unique passwords. While it could be daunting to recall a number of passwords, consider using a password manager to generate and store passwords for each account.
What to Do After a Data Breach
If any of your personal information is leaked or hacked, it is important to take steps to prevent data from being further compromised. First, make sure to contact the major credit bureaus: Equifax, Experian, and TransUnion, as well as the Federal Trade Commission (FTC) (Gore, 2024). For each credit union please see their help pages: Equifax, Experian, TransUnion. To report any scams or malicious activity, contact the FTC here. From then on, it is important to always be attentive to your credit, and in some cases, you may even want to freeze your credit to restrict access (Mayer et al., 2021).
A credit freeze is a free way to restrict access to your credit report. Please note that this is different from a credit lock. A credit lock may have some charge, but does come with a bit more security. Credit locks can be initiated quicker and depending on the agency, they can send you alerts when someone is trying to access your credit when it is locked (TransUnion, 2024). Remember to ask a professional what is the best course of action.
Data breaches are an ongoing issue that can be very difficult for you to prevent on your own. While we cannot prevent exposure to all data breaches, there are many ways we can stay informed of the ongoing risks. Taking a proactive step like freezing your credit is a way you can reduce the risk of further exploitation and help protect your personal information from future breaches. It is important to do your best to stay vigilant and connected with others in order to minimize the possible damage and exposure that a data breach presents.
To learn more about freezing your credit, visit our website here.
Sources:
Gore, L. (2024, August 26). How to check if your Social Security number was part of Massive Data Breach. al. https://www.al.com/news/2024/08/how-to-check-if-your-social-security-number-was-part-of-massive-data-breach.html
Kosinski, M. (2024, May 24). What is a data breach?. IBM. https://www.ibm.com/topics/data-breach
Mayer, P., Zou, Y., Schaub, F., & Aviv, A. J. (2021, January 1). “Now I’m a bit angry:” individuals’ awareness, perception, and responses to data breaches that affected them. USENIX. https://www.usenix.org/conference/usenixsecurity21/presentation/mayer
Moffit, R. E., & Steffen, B. (2024, June 1). Health Care data breaches: https://mhcc.maryland.gov/mhcc/pages/hit/hit/documents/HIT_DataBreachesBrief_Brf_Rpt_090717.pdf
Reddy, J. (2021, October 11). Data Breaches in Healthcare Security Systems. University of Cincinnati. https://www.proquest.com/openview/07c6c17a0d11e74381866107fe06403e/1?pq-origsite=gscholar&cbl=18750&diss=y
Rodrigues, G. A. P., Serrano, A. L. M., Vergara, G. F., Albuquerque, R. de O., & Nze, G. D. A. (2024, June 5). Impact, compliance, and countermeasures in relation to data breaches in publicly traded U.S. companies. MDPI. https://www.mdpi.com/1999-5903/16/6/201
TransUnion. (2024, August 14). Credit freeze vs lock: What’s the difference? | transunion. https://www.transunion.com/blog/identity-protection/difference-between-a-credit-lock-and-credit-freeze
Vallabhaneni, R. (2024, July 7). Rohith Vallabhaneni | doctor of philosophy | university of the cumberlands | information technology | research profile. University of the Cumberlands. https://www.researchgate.net/profile/Rohith-Vallabhaneni