turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.

Ask Marian

Article Options

Staying Safe When Your Data Gets Hacked!

by on 04-27-2011 03:46 PM

Hacking is back in the news, I’m afraid. There is great advice already out there for steps to take to minimize the impact of a data breach. First, take note of whether anyone in your family is a user of the network. Then determine which, if any credit cards are registered with it. Make sure you sign up at the credit card online website for alerts or fraud monitoring that may already be available to you.

 

Then look at your account information. Was that email address used to create the account the same one as your social network? Make sure you update your password and security questions to be different than those used on the impacted network for best security. You’d hate for the hacker to have access to email and your network of friends and colleagues and a few extra moves now will put you ahead in the game.

 

I’m expecting the hacker to send out spam to the registered email address pretending to be from the hacked network or one of their agencies. You might get asked to update the registered credit card (and then they’d have two from you) or to provide an updated password. Remember; never respond to unsolicited emails like this. If you are suspicious your account (gaming or other) needs attention, visit the website by typing the address yourself, and don’t click a link.

 

Lastly, start reviewing your existing credit information with a report from www.annualcreditreport.com You should consider setting up free fraud alerts with one of the three credit reporting agencies. You’ll find information on those techniques at www.annualcreditreport.com as well.

0 Kudos
Comments
by CrackerAttacker on 05-23-2011 06:37 AM - last edited on 05-23-2011 06:49 AM
Options

Good information Marian.  I would like to add that the free fraud alerts are only enabled for a period of 6 months; afterwhich there is a fee involved with extending the alerts with Experian, Trans Union, and Equifax.  If anyone has suffered any monetary damages, whether reimbursed or not, the Federal Trade Commission will investigate their claim.  I believe if victims took the extra initiative to file a complaint with the Federal Authorities, it would lead to an increase in the level of punishment of offenders and the level of assistance available for victims.  https://www.ftccomplaintassistant.gov/

 

The FBI also will accept complaints if damages have been had at the FBI Internet Crime Complaint Center.  www.ic3.gov/complaint/default/aspx

 

Even when we follow all of the best practices and security advice available, we can still become a victim.  Just recently, not once but twice, my account with a Fortune 100 company was compromised.  Ironically, last fall, I emailed the customer service department advising of the danger of including links in emails that redirected to user accounts allowing users to check points balances, without requiring the user to logon. 

 

The customer service department initially "assured" me that the authentication scheme used to identify the clients on their server, was a secure routine.  Of course the "top secret" authentication routine was most likely, a cookie and ip log.  Last month the company issued two separate security alerts advising that their "Silver Rewards Members", as I, should utilize prudence in regards to potential spam received that may appear to be sent from them.  Apparently, a third party vendor, retained ironically to send spam for them, had advised that the database of "Silver Rewards Members" accounts had been "viewed" during unauthorized access.

 

It was not made clear but I highly suspect that the unauthorized access distinction may have included their culpability by involving the exact attack vector in which I mention above.  You would expect more from the largest seller of electronics in our Country.  I was shocked that the advice to users to change their account passwords and to warn their banks was not given; then I remembered that there was a legal department involved. lol

 

 

 

 

0 Kudos
About the Author
  • Norton's Internet Safety Advocate. I write and speak about issues impacting the online security and safety of kids and families.