Yes indeed. I have been involved in multiple data compromises; Target, Home Depot, Retirement system, Equifax, Blue Cross/Blue Shield are ones I can name off the top of my head. As a good faith offering, the affected companies have extended free credit monitoring. Sometimes the breaches were caused by insecure and sloppy practices such as outdated and unpatched systems, lack of controlled access or weak policies.
The latest notification I received was involving the AT&T breach that occurred between May 2, 2022 to October 31, 2022 as well as on January 2, 2023.
Customer data was downloaded illegally from their workspace on a third-party cloud platform. They assure us that this entry point is now secured. Call and text records were downloaded but no details of the content or personally identifiable information.
And I am just now being notified? How long did they know about this breach?
So here is my question-Why aren’t the companies that hold our personal information doing enough to protect it?
I take many precautions to protect my online reputation and assets. Now that the cyber crooks have access to my phone number, I must continue to protect myself from scam calls and texts. When I MUST pass some secure data onto a vendor, I am entrusting them with protecting it as if it were their own. Can they offer better protections and quit cutting corners and ignoring best security practices?
Understanding that I can’t be in control of all these measures, I am taking necessary steps to protect my information and assets. I have placed a freeze on my credit reports at all 3 credit reporting entities (Equifax, TransUnion and Experian). I have alerts set up for unusual activity on my credit cards. I check my credit card statements every month. I monitor my bank accounts. I use security best practices when online; don’t disclose personal information online, unique passwords and MFA for online accounts, don’t click on random links or open attachments not expected, use secure Internet connections with a VPN, visit secure websites with https://, ignore and/or report spam texts and emails.
Take the necessary steps to protect yourself and, hopefully, if you fall victim to a data breach, the impact will be less significant.
Resources:
How to place or lift a security freeze on your credit report