What Is A Data Breach?

You’ve probably heard the term “data breach,” but do you really understand what it is? Make time now to learn more details about a data breach, including what you can do to protect yourself.

Data Breach Defined

A data breach, data leak or data spill is defined as an incident when protected, sensitive or confidential data is viewed, used or stolen by someone who does not have authority to access that data.

The term typically describes a breach that occurs online over the internet. However, it also includes laptop thefts or reading physical files.

During a breach, affected data can include:

  • Non-sensitive or sensitive personally identifiable information (PII) – address, age, or Social Security number
  • Personal health information (PHI) – medical history, lab test results and insurance information
  • Intellectual property
  • Trade secrets

How Does a Data Breach Occur?

Anyone can be affected by a data breach, and it can happen in several ways.

  1. Thieves intercept unencrypted data.
  2. Hackers gain access to files over weak or unsecured computer networks.
  3. Someone with access to personal information sells it to thieves.
  4. Your laptop, smartphone or other electronic device is misplaced or stolen.
  5. A hacker gathers the personal data you share over unsecured websites.
  6. Phishing schemes entice you to share your data with criminals.
  7. You send sensitive information through social media.
  8. Physical files or hard copies of information are stolen.
  9. Someone videotapes an employee who enters data into the computer.

What Happens After a Data Breach?

When your data is used, viewed or stolen, it can affect you in several ways.

  • The criminal could access your financial accounts.
  • Someone could impersonate you and open credit accounts or apply for car, house or personal loans in your name.
  • The thief could log into your work account and gather secret information about your company.

Protection from a Data Breach

Numerous regulations dictate how employers, medical providers and others can use your data. For example, the Health Insurance Portability and Accountability Act (HIPAA) regulates access to your PHI, and the Payment Card Industry Data Security Standard defines who can access and use your sensitive PII.

These protections aren’t always enough, though. You should also take several steps to protect your data.

  • Secure your devices with passwords.
  • Use a different and challenging password for each log-in.
  • Encrypt sensitive personal and work data.
  • Share personal information, including your credit card number, on secure sites.
  • Do not open links from untrusted sources.
  • Update software often.
  • Subscribe to a data breach monitoring service.
  • Purchase cyber liability insurance

A data breach can affect your life now and well into the future. Take steps today to protect yourself.

Steps To Take If Your Identity Is Stolen

Identity theft affects over 17 million people every year reports the Bureau of Justice Statistics. While you hope it doesn’t happen to you, these steps can help you take action if you are an identity theft victim.

Take action immediately.

As soon as you think your identity is stolen, take action. The situation will only get worse if you wait to correct it.

Create a log.

In a notebook or on your phone, create a log that tracks every phone call, letter or email you send. Record the dates and times of the communication and the person to whom you speak. You’ll need this record to prove that you’re taking action to address the identity theft.

Contact the three credit bureaus.

Ask the three credit bureaus to put a fraud alert on your accounts.

Review your credit reports.

Check your credit reports carefully. Verify that your personal information is correct then look for any inquiries, open accounts or delinquencies that you did not initiate. Report suspicious activity to the credit bureau immediately.

File a Federal Trade Commission report.

When you report identity theft to the FTC at www.identitytheft.gov or 1-877-ID-THEFT (438-4338), you receive a personalized guide that helps you recover your identity. They also provide you with important forms for creditors and the police.

File a police report.

Identity theft is a crime, so report it to the police. Provide as much evidence of the theft as you can, and keep a copy of the police report to show your creditors.

Contact other organizations if necessary.

If you think your Social Security number or passport is compromised, contact the appropriate organizations.

Close compromised accounts.

Scan your bank and credit card statements, including dormant accounts, for suspicious or fraudulent activity. Alert the financial institution right away if you spot problems, and ask them to lock or close your account.

Open new accounts.

You must continue to pay bills after your identity is stolen, so open new bank and credit card accounts. For each account, choose unique PINs and passwords.

Deal with debt collectors.

You may receive notices from debt collectors about outstanding bills. Call them and send a letter that indicates you are an identity theft victim and not responsible for unpaid bills. Include any related documentation, such as the police report. Ask the debt collector to confirm in writing when the collection account is closed.

Identity theft is challenging to handle and disrupts your life. If you’re a victim, take these steps.

How To Handle Stressful Jobs In Nine Steps

We know that certain dangerous, demanding, detailed and repetitive professions are stressful, but every job includes stressors. Stressful jobs can cause physical, emotional and mental problems for employees. They also affect company safety, productivity and morale. Take nine steps as you learn how to handle stressful jobs and stay healthy.

Identify the stressors.

Numerous factors contribute to stress. Are you overwhelmed with responsibilities, frustrated with co-workers or bored? Identify your stressors as you consider your stress-management options.

Modify your job.

A simple modification like different work hours or a new work station can decrease your stress level. Talk with your supervisor about modifying your job and improving your health.

Talk to someone you trust.

Find a network of listeners who will support you when you need to talk. A friend, co-worker, job coach or therapist can be a sounding board, offer empathy and help you discover a different perspective.

Say no to extra responsibilities.

You may take on extra responsibilities to get a raise or keep your job. Too much work can increase stress, though. Instead, say no to responsibilities you can’t reasonably handle. If saying no isn’t an option, investigate ways to drop or delegate duties.

Organize your day.

Prioritizing tasks, setting a definite quitting time and cleaning off your desk are three simple ways you can organize your day. These steps can also help you feel more in control and less stressed.

Take a break.

Some companies offer flexible time off, so take a day or more when you need it and reboot, relax and unwind. You can also use break time to recharge. Take a walk outside, find a quiet place to meditate, listen to music or read a book.

Change your mind-set.

Maybe you demand perfection from yourself or are stuck in a pattern of negative thinking. Change your mind-set. Give yourself permission to do your best or meditate on inspirational quotes that change your thinking and reduce your stress.

Advocate for yourself.

You may find that nothing helps and your stress levels are still unhealthy. Advocate for yourself and better working conditions. Schedule a meeting with your supervisor, and calmly address the stressful factors. Be prepared with details of the challenges you face and possible solutions.

Find a new job.

A different job or position in your company could relieve your stress. If this switch isn’t possible, you may need to change companies or careers as you protect your health.

Stress on the job can affect your health and work environment. Take these nine steps as you learn how to manage stressful jobs and stay healthy.

Top Eight Home Security Tips

A burglary happens every 15 seconds in the United States with thefts averaging $1,725. Protect yourself, your family, your home and your peace of mind when you implement eight top home security tips.

Install an alarm.

Noise is a top deterrent to criminals. Install a whole-house alarm system if possible. Otherwise, post an alarm company’s sign in a prominent location to warn thieves away.

Make the house look occupied.

An empty house is an easy target, so make your home look occupied at all times.

  • Use a timer to turn on outdoor and indoor lights at the same time both day and night.
  • Ask a neighbor to pick up mail and newspapers if you’re on vacation.
  • Don’t advertise travel plans online.
  • Keep a car parked in your driveway.

Turn on the lights.

Burglaries can occur in broad daylight, but thieves also like darkness. Install plenty of outdoor lighting around your property and near all doorways. Set your lights on a timer, too, so they go on and off at the same time each day, giving thieves the illusion that you are always home.

Secure the doors.

An unlocked door is an open invitation for burglars, and exterior doors are the most common point for burglar entries. Be sure to buy sturdy, wooden or metal exterior doors with deadbolts and auxiliary locks, and keep them locked even when you’re home. If you have a sliding door, secure it with a metal bar. You should also change the locks after you move into a new house and after you lose your keys.

Secure the windows.

Keep your windows locked at all times. If possible, purchase multi-pane windows with reinforced glass or acrylic. You can also add security film for additional protection.

Don’t hide a spare key.

You may be tempted to store a spare key under the doormat, on the door frame, in your mailbox or in a false rock. Instead, give it to a trusted neighbor where it’s inaccessible to a burglar.

Trim the bushes.

Overgrown bushes, shrubs and other landscaping provide the perfect cover for a thief. Trim the landscaping around your home. You can also plant thorny or spiked plants under windows to deter criminals.

Secure the garage door.

It’s surprisingly easy to break into a garage, so always lock the door. Install a motion sensing light in the garage, too, to alert you and neighbors of suspicious activity. You should also remove your automatic garage door opener from your vehicle overnight.

These top eight home security tips protect you, your family and your valuables. For additional security tips, talk to your insurance agent.

Workplace Cyber Risks

The federal Internet Crime Complaint Center received more than 330,000 complaints in 2009, and more than a third of them ended up in the hands of law enforcement. The damages from those referred to the authorities totaled more than a half billion dollars. The Government Accountability Office estimated that cyber crime cost U.S. organizations $67.2 billion in 2005; that number has likely increased since then.

With so much of business today done electronically, organizations of all types are highly vulnerable to theft and corruption of their data. It is important for them to identify their loss exposures, possible loss scenarios, and prepare for them.

Some of the questions they should ask include:

What types of property are vulnerable? 

The organization should consider property it owns, leases, or property of others it has in its custody.

Some examples:

  • Money, both the organization’s own funds and those it holds as a fiduciary for someone else
  • Customer or member lists containing personally identifiable information, account numbers, cell phone numbers, and other non-public information
  • Personnel records
  • Medical insurance records
  • Bank account information
  • Confidential memos and spreadsheets
  • E-mail
  • Software stored on web servers

Different types of property will be susceptible to various threats, such as embezzlement, extortion, viruses, and theft.

What loss scenarios could occur?

The organization needs to prepare for events such as:

  • A fire destroys large portions of the computer network, including the servers. Operations cease until the servers can be replaced and reloaded with data.
  • A computer virus infects a workstation. The user of that computer unknowingly spreads it to everyone in his workgroup, crippling the department during one of the year’s peak periods.
  • The accounting department discovers a pattern of irregular small funds transfers to an account no one has ever heard of. The transfers, which have been occurring for almost three months, were small enough to avoid attracting attention. They total more than $10,000.
  • A vendor’s employee strikes up a casual conversation at a worker’s cubicle and stays long enough to memorize the worker’s computer password, written on a post-it note stuck to her monitor. Two weeks later, technology staff discovers that an offsite computer has accessed the human resources database and viewed Social Security numbers, driver’s license numbers, and other personal information.

In addition to taking steps to prevent these things from happening, the organization should consider buying a Cyber insurance policy. Several insurance companies now offer this coverage; although no standard policy exists yet, the policies share some common features. They usually cover property or data damage or destruction, data protection and recovery, loss of income when a business must suspend operations due to data loss, extra expenses necessary to maintain operations following a data event, data theft, and extortion.

However, each company might define these coverages differently, so reviewing the terms and conditions of a particular policy is crucial. Choosing an appropriate amount of insurance is difficult because there is no easy way to measure the exposure in advance. Consultation with the organization’s technology department, insurance agent and insurance company might be helpful.

Finally, all policies will carry a deductible; the organization should select a deductible level that it can afford to pay and that will provide it with a meaningful discount on the premium. Once management has a thorough understanding of the coverages various policies provide in relation to the organization’s exposures, it can fairly compare the costs of the policies and make an informed choice.

Computer networks are a necessary part of any organization’s environment today. Loss prevention and reduction techniques, coupled with sound insurance protection at a reasonable cost, will enable an organization to get through a cyber loss event.