When the government announced yesterday that two cyberattacks last year were much worse than originally thought and had exposed the private and sensitive information of 21.5 million individuals, millions of Americans were left wondering, “How safe is our information? And what can we do to protect ourselves?”
The Office of Personnel Management said that every person given a government background check for the past 15 years (or roughly 7 percent of the American public) was most likely affected, but every incident of a cyberattack leaves us feeling more vulnerable — and one this big can be especially worrisome.
Related: OPM Hack Exposed Social Security Numbers of 21.5 Million People
Cybercrime is now the fastest growing crime in America. Big corporations and government agencies are not the only ones who are targeted. For the average person, the fear is that a data breach will result in identity theft. “There’s a big difference between a breach and an actual identity theft,” says Greg McBride, chief financial analyst at Bankrate.com. “With a breach, you know the information has been exposed but you don’t know if it’s been accessed or sold off. With identity theft, your information has definitely been accessed or stolen.”
Last year, nearly 13 million individuals were the victims of identity theft in the U.S., according to Javelin Strategy & Research.
“This is the reality of the world we live in,” says McBride. “All of us will have our identity breached at one point or another.” And being a victim of identity theft once doesn’t mean it couldn’t happen again. Once stolen, your personal information and identity can be sold and used multiple times. “There a big market for this information,” says McBride. “They could sell it. And they can sell it again and again.”
McBride cautions consumers to be especially careful of a new and growing category: medical identity theft, in which someone uses your name, health insurance number or insurance card to get prescription drugs or have a medical procedure done. They also can file claims with your insurance providers. To date, over 2 million Americans have been the victims of medical identity theft, with the number of patients affected by medical identity theft increasing by nearly 22 percent in the past year. “When you go into a doctor’s office, they don’t check your DNA,” says McBride. “All you have to do is hand them your insurance card.”
Related: Medical ID Theft Is a Way Bigger Problem Than You Think
If you suspect or know that your personal data has been stolen, there are steps you can take to protect your identity and financial accounts right now:
- Monitor your accounts and transactions. Look for signs of any unauthorized activity.
- Pull copies of your credit reports and make sure there aren’t any unfamiliar accounts on them.
- Subscribe to a credit monitoring service that will alert you about any suspicious activity.
- As a more extreme option, you can get a credit freeze to stop anyone — including yourself — from opening any new accounts in your name. “It completely locks the door,” says McBride. “Nobody can apply for credit in your name, not even you.” Freezing or thawing your credit costs money, and the fees vary by state. You also will need to contact each of the nationwide credit reporting companies — Equifax, Experian and TransUnion — to place a freeze on your credit report. Typically it costs about $10 per credit bureau, and another $10 to unlock it. And you will definitely need to take the lock off when it’s time to buy a car, rent an apartment or apply for a mortgage.
Related: The Cyber Attack That Could Take Down the Government
And while the OPM hack shows that even the most vigilant individuals can have their personal information compromised through no fault of their own, these basic identity-protection steps are always worth keeping in mind:
- Do not give out any personal information on any unsolicited phone calls, or respond to any emails asking you for personal information such as your name, address, Social Security number, date of birth, password or PIN.
- Be wary of any contest offers, sweepstakes and surveys over the phone or via email that “phish” or ask you for this information.
- Use a shredder to discard any mail, old bills, tax returns and financial statements, as thieves have been known to dumpster-dive for this information.
- Don’t leave your laptop or mobile device unattended, as these might contain passwords and access to bank and credit accounts.
- Avoid sending any personal information over your smartphone or laptop on a public wireless network in public places such as a library, airport or hotel.
- Scrub any personal information from computers and mobile devices before discarding or donating them.
Top Reads from The Fiscal Times:
