DNCIt would seem after data breaches and hacks within powerful companies like Sony and Target as well as hospitals and the U.S. government, nobody would be so foolish as to think themselves immune. However, the Democratic National Committee (DNC) seems to be learning a hard lesson on security as a recently-discovered intrusion has led to leaked internal documents and the resignation of the party chair over the past week. If you’ve been watching or reading the news, you may have heard about this, but might not know exactly what happened or how it might relate to you. Here’s the breakdown.

Russian hackers infiltrated the DNC computer network

Although the first reports of an infiltration in the DNC computer networks came in June 2016, there were indicators that something was wrong long before. Although the DNC officially hired security firm CrowdStrike in early May to look into any potential threats, federal investigators tried to warn them several months prior. CrowdStrike’s forensic investigation discovered not one but two “advanced persistent threats” present on the DNC’s systems and linked both to the Russian government’s intelligence services. These conclusions were backed up by two competing cybersecurity companies on June 20, and it was determined that at least one of the breaches occurred as early as the summer of 2015.

What data was taken?

According to those who have investigated the breach, the primary target of this attack was the DNC’s database of research on GOP presidential candidate Donald Trump. The compromised data included emails, messages and other correspondence between DNC staffers — many top officials within the party — as well as documents and other files. More than 20,000 documents were posted to the WikiLeaks website for anyone to read on July 22, and there are concerns that there are more stolen documents yet to be released.

What lessons can the average person take from this?

Unfortunately, cybersecurity practices among individuals as well as major organizations are not as strong as they should be — the initial reports on the lack of security were even mocked by the DNC’s deputy communications director in an email that was later released as part of the leak. Some of the poor cybersecurity practices used within the DNC include sending passwords to sensitive accounts over email and the sharing of spreadsheets which contained sensitive personal information about individuals, such as social security numbers.

Anytime some kind of major government or corporate hack occurs that doesn’t directly affect the majority of U.S. citizens, it might be tempting to write it off as not having an influence on your life. However, at the very least these instances are reminders that nobody is untouchable, so you should not only be doing your best to keep your information secure, but also make sure you know who has your information. When the Office of Personnel Management breach happened, thousands of citizens were probably surprised to receive notification letters that their information was potentially compromised. Anyone who had applied for a job with the government in recent years, even if they didn’t get it, was in the system and accessible to the hackers — yet many probably had no recollection.

Keeping a record of who has your social security number as well as taking notice of the privacy policy of companies you provide it to doesn’t prevent your information from being stolen in a breach, but it does make sure that you are at least more likely to take notice when something happens and protect yourself. After all, the person who cares most about your identity is you.

Want to know how to protect yourself? For tons of articles with tips on keeping your privacy and identity secure as well as up-to-date news on breaches and other cybersecurity happenings, follow our identity theft protection blog.