2021年10月27日 • 7分钟
文章内容
Data breaches occur when an organization’s systems are hacked by criminals – allowing criminals to gain access to the information on the systems. 例如, a large supermarket chain could have its payment system hacked, or a hospital system could experience a hack of its patients’ medical records.
There are federal and state laws requiring organizations to reveal to customers or members if their data is part of a breach. You could also find out by watching the news – the 2013 Target breach, 例如, 被广泛宣传.
If you believe you were the victim of a data breach, here’s six steps to take immediately.
找出哪些信息被泄露. While all data breaches may be scary, some types of data require more urgent action.
接触Patelco and get advice on securing your accounts – and it will be helpful if you know the type of information that was breached.
联系 the 4 credit bureaus to set up either a fraud alert or a credit freeze. 当诈骗警报生效时, anyone who receives a credit application in your name should call you to verify your identity and confirm that you’re the one who really applied. 信贷冻结, creditors can’t even access your credit reports – so it’s impossible for them to approve a credit application. (If you need to apply for credit during a freeze, it’s possible to temporarily lift the freeze.)
Fraud alerts and credit freezes have to be put into place with each individual credit bureau. There may be a charge to add or remove alerts and freezes. 以下是4家征信机构的太阳集团平台:
Change your online banking 用户ID and 密码 at Patelco, 以及其他任何你有登录凭证的地方. 一旦黑客掌握了你的敏感个人信息, they can often use it to figure out the password to your email or bank account – especially if it’s something that includes your birthday or the name of a child or pet.
查看你的信用报告 并注册信用监控.
If you’re not already signed up at Patelco and your other financial institutions, 注册事务提醒. Transaction alerts contact you by text message and/or email whenever there’s a charge or a transfer on your account. Set up the alert for the lowest transaction amount possible, because criminals will often test by making smaller charges before marking larger ones.
警惕网络钓鱼诈骗. 如上所述, criminals can use data from breaches to create more personalizing phishing attacks – which will be easier to fall for.
Breaches have increased in frequency and scope over the last decade, 包括打得很大, 著名的零售商. 例如,2017年,塔吉特支付了18美元.5 million penalty to 47 states for a massive 2013 credit card breach where shoppers had their information compromised after shopping at their local Target store.
根据身份盗窃资源中心, nearly 2 million credit card and financial records are compromised annually, 另外, the amount of stolen consumer financial data being sold on the dark web more than doubled between July 2017 and June 2018 compared to the previous year, 网络安全公司IntSights称.
不像偷现金或刷加密货币, 数据泄露不会给犯罪分子带来立竿见影的收益. But criminals are creative and know how to use data stolen in a breach to make money. 这里有五种方法.
One way hackers profit from stolen data is selling it en masse to other criminals on the dark web. These collections can include millions of records of stolen data of many types, from medical data to financial records to Social Security numbers. The buyers can then use this data for their own varied criminal purposes.
一旦黑客从漏洞中获得你的数据, they can more easily target you directly to steal your identity. 简而言之, identity theft is using a victim’s personal information to gain benefits at the victim’s expense — 例如, opening a loan in the victim’s name and pocketing the money. Identity theft is easier for criminals once they have your name, address, and Social Security number.
If a data breach includes usernames and passwords – or even personal information like birthdays and pet names that many people use for credentials – criminals may break into financial and shopping accounts to take them over. The hacker may change your password, so you may lose access to your account. 一旦黑客控制了一个购物账户, 例如, 他们可能会为自己订购物品, 这要算在你的账上吗. 或者如果他们进入了你的财务账户, they may transfer the money out into their own account at another institution.
一旦黑客从漏洞中获取数据, they can more easily target you with personalized phishing attacks. 在钓鱼攻击中, a criminal sends a fraudulent message designed to trick someone into revealing sensitive information or to install malicious software on their phone or computer. 信息越个性化, the more the victim is likely to fall for it – for instance, 如果罪犯知道了你宠物的名字和药物, they may create a phishing attack in the form of a fake email pretending to be from your vet. When you click on a link in the message – which may contain accurate information about your pet and their prescriptions – you could be installing malicious software on your computer.
If data is of a very personal nature – such as healthcare data or data from a social media platform – criminals may even try to blackmail or extort victims, such as by threatening to reveal sensitive data unless a ransom is paid.
