With massive security data breaches happening more and more frequently, there is almost no way to avoid your own personal data being compromised. But what is the likelihood that your compromised data will actually be used for identity theft, fraud, or financial theft? Here’s how it breaks down.
Unless you live under the proverbial rock, or are otherwise completely off-grid, you will have to provide personal data to some organization at some time, and the way things are going, your personal data will be compromised.
Between human error and malicious insiders, time has shown us the majority of data breaches originate inside company walls.
In 2014, it seemed that we were writing about a different, and massive, security breach every month, including the massive Snapchat data breach, the Kickstarter security breach, and the mind-boggling 4.5million patient records that were compromised in the Community Health System data breach.
In 2015, you can expect at least one major data breach a week, judging by how things are going. PrivacyRights.org lists the following 11 data breaches for 2015, and we’re only 9 weeks into the year:
Jeb Bush Offices
CICS Employment Services
Riverside County Regional Medical Center
California Pacific Medical Center/Sutter Health
Sunglo Home Health Services
Mount Pleasant School District
If you’re thinking that the hackers are multiplying, you would probably be right. However, one of the biggest data security threats is still internal to companies: their employees. In their 2015 data breach forecast report, Experience says that “a majority of companies will miss the mark on the largest threat: employees. Between human error and malicious insiders, time has shown us the majority of data breaches originate inside company walls. Employees and negligence are the leading cause of security incidents but remain the least reported issue. According to industry research, this represented 59 percent of security incidents in the last year.”
Given all of this, what are the odds that your own personal data, once compromised by a data breach, will actually be one of the ones that is used for nefarious purposes, such as identity theft, financial gain, or other fraud?
To determine this, we went right to the top, and asked John Breyault, Vice President of Public Policy, Telecommunications & Fraud, at the National Consumers League, and the author or co-author of several research and policy papers on this very subject.
John very helpfully pointed us to the Javelin Research 2015 Report on Identity Fraud, along with referencing the Javelin 2014 report, which indicates that while back in 2011, if your data was compromised, you had about a 1 in 9 or 10 chance of having your data used by a malicious actor, now it’s risen to 1 in 3.
Let us repeat that: if your personal data is compromised in a data security breach, you have a 1 in 3 chance that it will be used.
And, if that data included your debit card information, the odds are nearly 1 in 2 that your data will be used, and you will be the victim of some sort of financial fraud or theft.
Now, that said, according to an article by security researcher Brian Krebs, and based on interviews with three different banks, the banks indicated that they were told by MasterCard/Visa that between 3% and 7% of all cards that are compromised are actually used before the card is reported and the bank takes action. This does not necessarily refute the nearly 1 in 2 odds quoted above, which can include financial fraud outside of the use of your card number.
Either way, not very reassuring, is it?
While consumers can be as diligent and vigilent as can be, it doesn’t help if the issue is outside of their control, such as their bank or health care provider being hacked. (Relatedly, for those interested, our friends over at Baker Hostetler have a chart of data breach security laws broken down by state.)
Now that we’ve delivered this bad news, what steps do you take to help ensure the security of your personal data? Let us know below!
|Get notified of new Internet Patrol articles! |
You might also like some of our other articles: