Once More, a Data Breach, Dear Friends

While the cyber hack of Sony Pictures Entertainment uncovered confidential emails that titillated Hollywood, it also exposed more than 47,000 Social Security numbers of past and present employees, as well as company financials.

The trend is on the uptick. In the past year and a half alone, customer information from Neiman Marcus, Home Depot, JP Morgan Chase, Staples and Goodwill was  compromised. 

“Think about the information imprint that the average consumer creates today versus 10 years ago,” says Kurt Wimmer, U.S. chair of Covington & Burling’s privacy and data security group. “Each time you make an online purchase, send a text message, click an online advertisement or download a new app on your smartphone, this creates a new thread of data.”

Most of this electronic information is stored by businesses. “To hackers, these are prized commodities,” says Marc S. Martin, partner at K&L Gates who practices in the telecom, media and technology group. “As the size of the data pie increases, so too will hackers’ attempts to breach it.” 

Even as corporations and financial institutions are coming up with new data safeguards, hackers are devising ways to infiltrate them. 

If you suspect your information has been compromised, begin collecting copies of statements that indicate fraud, says Chris Griner of Stroock & Stroock & Lavan’s national security privacy group, and document the date on which you discovered a problem. Notify your financial services provider immediately. “When we say immediately, we mean the moment you suspect fraud,” Wimmer says. He suggests writing down the names of everyone you talk to while attempting to resolve the matter. 

Also, don’t forget to notify any entity—like a client or employer that makes direct deposits into your account—of the suspected breach, Martin notes, and notify the three main credit-reporting agencies to place a fraud alert on your account. It “will make it harder for bad actors to open unauthorized credit accounts,” he says. “It also provides you free access to your credit report, which will help you determine if any unauthorized credit accounts have been opened in your name.”  

If only one credit card has been compromised, and the breach was discovered early, you can generally resolve the issue with the financial institution, Griner says. He recommends that identity theft victims file an Identity Theft Victim’s Complaint and Affidavit, available at FTC.gov. 

Identity-theft protection services are an option, too. However, “Personal diligence remains important,” Griner says. “The only secure computer may be the one that is never used.”

PROTECT YOURSELF FROM A CYBER ATTACK