To really understand a person’s problems, you need to walk a mile in his or her shoes – at least, so the saying goes. In the case of the Target breach, your organization can potentially learn a lot from walking a mile in a breached organization’s proverbial shoes. This event is turning out to be a game changer in more ways than one, and all organizations with a vested interest in keeping Personally Identifiable Information (PII) safe really should take note.
The holiday season is in full swing, and by now you’ve likely seen the annual warnings, tips and advice geared toward protecting your personal information. This is certainly the time of year that offers many opportunities to the thief. But much of the advice given can be followed all year long – for that matter, one of the best times to stay vigilant is right after the holidays, as thieves often wait to utilize the information they’ve stolen.
With that in mind, Kroll urges consumers to consider this season the “unofficial” kickoff to securing your personal information, and offers the following tips:
Earlier this month, CNET ran an article entitled “How to respond to a data-breach notification,” a topic that is obviously near and dear to Kroll, and one that typically does not get it’s due. We’ve written about the consumer’s reaction to breach notification letters before, and how companies need to take this into consideration when crafting the letter.
Many articles focus on various issues surrounding the act of notification itself – the “quality” of the apology from the company, the fact that many consumers ignore the letters for various reasons, and whether or not credit monitoring is offered. But notification is a lot more complex and confusing from the consumer’s viewpoint than these seemingly disengaged conversations would imply.
This month, California Attorney General Kamala D. Harris released an analysis of the 131 data breaches reported to her office by 103 companies, revealing that 2.5 million people — roughly 6.5 percent of the state’s population — were put at risk by in 2012. Each of the 131 incidents affected more than 500 California residents, with the average (mean) breach incident involving 22,500 individuals. Median breach size was 2,500 affected, and there were five breaches that exposed information for 100,000 or more.
Consumer Federation of America follow-up with identity theft services reveals how far the industry has come – and how far it still has to go
Earlier this month, the Consumer Federation of America (CFA) issued a press release concerning its reexamination and follow-up with several identity theft services that were analyzed in the 2012 report, Best Practices for Identity Theft Services: How are Services Measuring Up? The original report analyzed how well identity theft services communicated key information to potential customers on their websites and through marketing materials. This follow-up analyzed how responsive the service providers have been in making changes based upon the CFA recommendations for best practices.