As a provider of HR technology that serves as a system of record for sensitive employee data, PeopleStrategy takes security extremely seriously. We were recently reminded of how diligent all of us must be when it comes to the protection of personal data after some of our clients were affected by the security breach at ComplyRight, a third-party provider PeopleStrategy used to transmit forms required by the federal government under the Affordable Care Act (ACA) to the IRS. While companies may employ the latest security tools and technologies, they can still fall victim to today’s cyber criminals who are constantly finding new ways to hack their way in.
Cybercrime is real and on the rise
As technology continues to rapidly evolve, so does cybercrime. From email scams and malware to viruses and identify theft, the methods of cybercrime – and the individuals committing these crimes – have become increasingly sophisticated, intelligent and dangerous. Today, cybercrime is a global criminal industry with damages costing the world nearly half a trillion dollars each year. This amount is forecast to increase to $6 trillion per year by 2021.1
Major security breaches are hitting the news with more frequency as companies like Equifax®, Experian™, Yahoo, Anthem, Uber and FedEx® – giants that we as consumers often feel are untouchable – fall victim to cybercrime. The graphic to the left illustrates how many data records have been compromised in only a handful of security breaches over the past 10 years. The numbers paint a very disturbing picture; the reality is the odds are your personal information has already been, or will be, exposed.
How to protect yourself in the event your data is compromised
First and foremost, you should assume data about you as a consumer such as your name, date of birth, address, previous address, phone number, credit card numbers, Social Security number and other sensitive information has already been breached or stolen. Second, consider taking some of the following actions:
Enroll in a credit monitoring service
Most companies that have a security breach offer customers who may have been impacted a free credit monitoring service. While it doesn’t hurt to take advantage of the offer, it won’t necessarily protect you from identify theft. However, having a credit monitoring service in place can help you be more quickly aware if your identity is stolen, and to recover more quickly.
Place a fraud alert on your credit file
With a fraud alert on your credit file, potential lenders and other service providers should obtain your approval before granting credit in your name. You can place a fraud alert by contacting on the of the credit bureaus, completing a short form and answering a few questions about your credit history. If the application is approved, the credit bureau you filed with must share the alert with the other credit bureaus. If you are a victim of identity theft, you can get an extended fraud alert that will remain on your credit report for seven years.
Check your credit report regularly
Be sure to order a free copy of your credit report on a regular basis. Each of the three major credit bureaus (TransUnion®, Experian™ and Equifax®) are required to provide a free copy each year via this website: https://www.annualcreditreport.com/index.action. Make a note on your calendar to request a copy every 3 months; review the report and be sure to report anything unusual you see.
Opt out of pre-approved credit offers
Another common practice of identify thieves is to steal your mail; specifically, offers of new credit and insurance. The best way to prevent this is to opt out of these offers either for five years or permanently. To opt out for five years, call 1-888-5-OPT-OUT or visit www.optoutprescreen.com. For a permanent solution, you can start the process at www.optoutprescreen.com.
Put a security freeze on your credit file
Obviously, the preference is to avoid having your identity stolen in the first place. One step that may help prevent this from happening is to put a security freeze on your credit files with the major consumer credit reporting bureaus. This blocks potential creditors from being able to automatically view your credit file unless you “unfreeze or thaw” your file. With a security freeze in place, the chances an identify thief will be approved for a line of credit in your name is significantly reduced because few creditors will approve a line of credit without first assessing the risk, which involved viewing your credit file. A freeze also protects your credit score by reducing the number of credit inquiries (each credit inquiry has the potential to lower your credit score). There are potential costs involved with a security freeze so be sure you understand all that is involved.
File Form 14039 with the IRS
If you have been victim of a security breach, you can file a Form 14039 with the U.S. Internal Revenue Service (IRS) to reduce the change of becoming a victim of tax refund fraud, an increasingly common scam where criminals file a tax refund request in your name and keep the refund. Form 14039 is used to request the IRS to issue a one-time code, called an IP PIN, by postal mail that you must then enter on subsequent tax returns before the return can be accepted by the IRS.
As consumers, let’s not make it any easier on cyber thieves – use the tips above to help prevent identify theft from happening to you.