data breaches on the rise!With data breaches constantly in the news, many of us are likely already painfully aware of how common they are. In fact, anyone with suspicions about the increasing frequency of data breaches can now be assured that it’s not just their imagination. That’s because in late July, the Identity Theft Resource Center crunched the numbers and found that data breaches were up 29% from the same time last year. As of June, a whopping 791 data breaches were reported for 2017, and it’s project that number could increase to 1,500 reported breaches by the year’s end. (Be aware that these numbers don’t include the major Equifax breach that was announced in early September.) What does this increase in data breaches mean for you? Keep reading as we talk about the impact data breaches have on consumers and how you can protect yourself from them.

Is there anything different about data breaches this year?

The Identity Theft Resource Center’s mid-year report contains a number of details analyzing the nature of the data breaches happening this year. Many of their findings corroborate what consumers have both experienced and observed, but some might be a bit counterintuitive. Below, we go over several major points brought up in the report:

Hacking is the predominant cause of data breaches. The report found that hacking — which includes phishing, ransomware and skimming — was the leading cause of data breaches thus far this year, and it’s up by 5% from last year. This makes sense, given the increasing sophistication of phishing scams and the ease by which malware can be distributed and modified. Conversely, the frequency of “accidental web/Internet exposure” appears to have decreased from last year, which is interesting considering there were several high-profile data leaks this year as a result of the accidental misconfiguration of web servers, including ones affecting Verizon and the RNC.

Financial breaches are (relatively) small. Another finding is that banking/credit/financial breaches have increased to 5.8% of the first half of this year’s breaches, as opposed to 3.6% for the first half of 2016. Both years’ percentages might seem somewhat small given how frequently payment terminals and financial institutions seem to be targeted by scammers. Regardless of how intuitive they may or may not seem, these statistics highlight a very important point: we often tend to focus on financial- and credit-related identity theft, especially after the Equifax breach, but there are many other types of identity theft to be concerned with. Aside from so-called business sector breaches, the Identity Theft Resource Center found that health/medical industry breaches are among the most common (22.6% of reported breaches in the first half of 2017), meaning that a lot of consumers could become or might already be susceptible to medical identity theft.

The transparency of breach alerts seems to be decreasing. One troubling trend that the Identity Theft Resource Center found is that 67% of data breach notifications or public notices failed to disclose the number of records impacted by reported breaches. This is a 13% increase from last year’s percentage, suggesting that it’s becoming more difficult for consumers to learn if they specifically have been affected by a breach. Additionally, the lack of transparency makes it harder for industry observers to report on and assess the true impact of breaches for future benefit.

What should you do?

While there’s nothing you personally can do about the rise in data breaches, there are some steps you can take to prevent and mitigate the effects of a data breach on your own life.

Monitor all of your critical accounts and records

Monitoring your accounts and records for changes is your first line of defense against identity theft. Although you should, ideally, monitor everything, the following accounts and records are especially important:

Credit scores and credit reports. We often talk about the importance of monitoring your credit reports and scores frequently, given that the first signs of identity theft usually appear on financial or credit records. Although there’s nothing new to add here, it’s important to note the basics. If you’ve never checked your credit reports before, you should know that you can get all three (Experian, TransUnion and Equifax) for free once per year through AnnualCreditReport.com — note that there are other instances when you’re entitled to free credit reports. Once you have a copy of your credit reports, you should look through everything to confirm it’s legitimate. If you spot an error, dispute it, and if you spot a phony credit account, report it. Those who have already checked their credit reports in the past 12 months or who want to keep an eye on all three of their credit reports more than once a year should consider a credit monitoring service. Most credit monitoring services will provide you with all three of your credit reports and scores upon signup then again on a monthly or quarterly basis, as well as monitor the activity on your credit reports and alert you of any changes. Just be sure you select a service that monitors all three of the credit bureaus, as most lenders usually only report to one or two of the bureaus. Remember that you can also opt to freeze your credit indefinitely, which we’ve discussed the pros and cons of before.

Bank, credit card and financial statements. If you’re an account holder or credit cardholder at a bank or financial institution, you’ll want to ensure that you get regular updates about the status of your accounts. That’s why it’s best to comb through your bank, credit card and financial statements every month to confirm all transactions are legitimate. In addition, you should frequently verify the balances on any existing loans or credit accounts to make sure everything is accurate. If you spot anything that looks out of place, be sure to report it to your bank or financial institution. It’s also wise to practice good cybersecurity while accessing these accounts online. Similarly, make sure to activate two-factor authentication and be mindful of any third-party financial apps you might decide to connect with your accounts.

Explanation of Benefits. Whenever your health insurer issues you a statement, like an Explanation of Benefits, you should pay close attention to it for both errors and inaccuracies. This will not only help you make sure you’re being billed correctly, but also confirm that no one is using your identity to cover their medical expenses.

Social media accounts. For your online accounts, you need to make sure that you don’t overshare information. Ideally, you shouldn’t use your real name online, but if you do, make sure not to include other identifying information like your address or phone number. Also, make sure you use strong passwords and manage your privacy settings regularly. Not sure how to protect your social media accounts? Our guide to managing your social media reputation can help.

Develop good cybersecurity habits

With everything being online, it’s important to know how to protect yourself digitally. You should start by reducing your digital footprint, or all the devices and accounts you have. Having all of the latest devices and keeping every account you’ve ever created open increases your attack surface, or the ways that hackers can target you. This is why it’s so important to be selective about how you use the Internet. Once you’ve reduced your footprint, you should make sure you protect the accounts and devices you use with two-factor authentication and update your devices regularly, as it can protect you from known vulnerabilities. Finally, make sure to avoid accessing accounts over public Wi-Fi and try to only use sites with HTTPS encryption, especially whenever inputting personal information.

Although data breaches are becoming more common, that doesn’t mean that identity theft is inevitable. Keep reading our identity theft protection blog to learn more tips that can protect you and your family.