Lately the news is full of stories of companies and online services that have been hacked and lost their customer’s private information.  TDAmeritrade, Playstation Network (multiple times), LinkedIn, US Department of Veterans’ Affairs, Utah Medicaid, and many more have lost customers’ data lately ranging from email addresses and passwords to social security numbers.  How can you protect yourself when those entrusted to your data don’t?  Here are some tips to help you with damage control should your information be compromised.

 

  1. Give out only as much information as absolutely necessary. – Neither your hairdresser, Facebook, nor most businesses need your social security number, address, or blood type.  Enough said.
  2. Use unique passwords. – Ideally you should have a unique password for every site or service you use.  I’ve written about an easy method for this here.  At the absolute minimum you should have at least three unique passwords; one used only for your bank, one used only for your email, and one for everything else.
  3. Keep your computer virus free. – Educate yourself on good computer security (you can start here) and get a good antivirus program.  Many viruses are built to hide and steal your personal information.
  4. Don’t trust any computer (or network) that you don’t control. – Don’t use the computers at the library, school, and especially not at internet cafes to check your online banking or other secure services.  This also applies to Free WiFi at restaurants, hotels, etc while using your own computer.
  5. Learn what Phishing looks like and how to avoid it. – OpenDNS has a great phishing quiz to help you learn how to avoid being tricked into giving away personal information.

Notice that all of these tips involve prevention of not reaction to a data breach.  Once data is lost, it is gone and usually gets posted on the open internet for everyone to see.  If you are curious to see if you have been a victim of a recent data breach or identity theft, two great resources are https://shouldichangemypassword.com and https://www.annualcreditreport.com/.  The first site will even let you register for email notification in the event that you become a victim of a data breach in the future.

Have you already been a victim?  Watch for next week’s email Have You Been Hacked? Part 2.