LONDON — Data breaches like the recent one involving millions of AT&T customers are becoming an almost regular occurrence.
As more of our lives move online, our personal data like email addresses, phone numbers, birthdates and even passcodes are becoming ever more vulnerable to theft or being mistakenly exposed.
In malicious breaches, cybercriminals can use stolen data to target people with phishing messages, or by taking out loans or credit cards in their name, a common and harmful type of identity theft.
Here are some tips to protect yourself.
In the United States, there’s no federal law compelling companies or organizations to notify individuals of data breaches, but it’s standard practice for them to inform affected customers and often provide identity protection services, said Oren Arar, vice president of consumer privacy at cybersecurity company Malwarebytes.
The situation is better in the European Union, where the 27-nation bloc’s privacy regulations require disclosure of certain types of breaches.
Even after a breach has been made public, cybersecurity experts say people need to remain vigilant. Be on guard for phishing and other social engineering attempts, in the form of emails or phone calls purporting to be from the hacked organization or someone offering help. Contact the company or organization involved to see if they can confirm it. But use their official website, smartphone app or social media channels – don’t use links or contact details in any messages you’ve been sent.
Also consult the Federal Trade Commission’s website for identity theft victims, identitytheft.gov, which provides step-by-step advice on how to recover from various scenarios.
If your data has been exposed, the first thing you should do is change your password for the account involved.
Use a strong password including letters, numbers and symbols. The longer the better – some experts say it should be 16 characters. Make sure to add multifactor authentication, which adds a second layer of verification by requiring a code sent by text message or email, or inserting a USB authenticator key into your device.
And if you’ve been using the same or similar login information for multiple websites or online accounts, make sure to change it. The reason is that if hackers pilfer your password from one service, they can try it on your other accounts and easily get into all of them. If you find it too hard to memorize all your various credentials, consider a password manager.
Click Here to Read the Full Original Article at ABC News: Business…