T-Mobile was hit by five cyberattacks in four years. Over 50 million former and prospective customer accounts were affected in the most recent cyber attack, exposing personal information ranging from driver’s licenses and birthdates to social security numbers.
Hacks like these are often reported from a company-centric perspective. The customers are mentioned as being a part of the hack, but it feels peripheral. In the end, the data that’s exposed isn’t just company data – large chunks are customer data, too. This leads to the lingering questions: What happens to all that hacked data and how can you protect yourself now and in the future?
Personal information is for sale now!
Chances are high that your personal information is out there somewhere on the dark web. Once hackers acquire your data, it’s packaged and sold online so criminals can do all sorts of things using your identity.
Think in terms of long-game scam rings using personal data mashups to create new identities that can go undetected for a while. The other side is a stealth attack on your personal information and all the accounts tied to it. With a few pieces of data, criminals can gain access to your bank accounts, apply for credit, transfer money between accounts, and even buy a house before you’re privy to what happened.
Data shopping sprees
According to the Privacy Affairs Dark Web Price Index 2021, personal data is purchased on the dark web for as low as $2! Here are some examples of personal data you can pick up on the dark web:
- Cloned American Express card with personal identification number (PIN) for $35
- Hacked Facebook account for $65
- Indiana ID (forged physical document) for $185
- New York driver’s license (forged document scan) for $80
- Utility bill templates for $45
- Stolen online banking logins (minimum $2,000 on account) for $120
- U.S. valid social security number for $2
- Alberta, Canada driver’s license (forged document scan) for $32
- Hulu hacked account for $4
- Uber hacked account for $8
The saddest item on the list is a U.S. valid social security number for the rock-bottom price of $2. Considering the damage you can do with a social security number (like apply for a loan), that’s quite a steal – literally and figuratively.
Free credit monitoring won't cut it if your data is sold into a scam operation. You can cancel a stolen credit card, dispute the charges and move on. But how do you dispute misuse of your identity? Personal cyber insurance kicks in when your front line of prevention fails.
How to Protect Your Data
- Tend to your operating systems and software Make sure your computer and mobile devices are running the latest version of operating systems and software.
- Update your privacy preferences Regularly review and update your web browser’s privacy preferences, delete any cookies, and clear the cache.
- Reset your home network router Routers that enable wireless devices to connect to your home internet service are vulnerable to hacking, too — if you rent a router from your internet provider, call them to see if you are eligible for a new one or for help to update your current router’s settings.
- Update account passwords Create different passwords for each of your online accounts — if you have a lot of accounts and find it challenging to keep track of all those different passwords, consider subscribing to a password generator tool that generates random passwords for each one of your accounts but requires you to only remember ONE.
- Know how to protect yourself from a phishing scam. Phishing emails are very profitable for cybercriminals. In fact, 22% of data breaches involve phishing. Thousands of people fall victim to them each year. Phishing scams are avoidable if you know to correctly identify and prevent them.
Do I need cyber insurance?
Do you use technology? Obviously you use technology, or you wouldn't be reading this blog.
Technology is such an integral part of our every day lives. You make payments online, apply for mortgages online, share your whereabouts on social platforms. Your sensitive personal data can be easily compromised.
On average, a cyber attack costs an individual $5,300. At this point, having personal cyber insurance could really be useful if you conduct any type of transaction online. It could save you thousands of dollars and a lot of headaches.
How does cyber insurance work?
If you are victim of a cyberattack, you can file a claim to help pay for expenses and financial losses. The process to file a claim is typically similar to how you would file a claim for your car or home.
Let's say you have a cyber insurance policy that has a $25,000 fraud coverage and a $1,000 deductible. You fall victim to one of those Amazon scams. Your credit card is charged $3,500. You file a claim. You will get back $2,500.
What’s in a cyber insurance policy?
Some major insurance companies now include cyber insurance with homeowners policy, so check with your agent. If your homeowners insurance policy doesn’t offer cyber coverage as an add-on, you can always buy a separate policy.
There are several cyber insurance options available, but the terminology and coverage can vary between insurance companies. Check with your insurance agent or broker about the policy details and exclusions before you sign. Here are a few common coverages:
|Cyber insurance option:||Helps with:|
|Lawsuit protection||Representation for allegations of online libel, slander or invasion of privacy|
|Active cyber monitoring||Identify theft monitory services monitor your personal information in credit card applications, public records, and websites. They are looking for unusual activity. If unusual activity occurs, you will receive an alert.|
|Computer or home system attack||Resolving a data breach of your home security system, smart home network, computer systems or devices|
|Cyber extortion||Obtaining professional assistance to manage an extortion threat and reimbursement for ransom payments|
|Identity restoration/identity theft||Expenses related to fraud and regaining control over your identity|
|Cyberbullying||Costs related to a cyberbullying event such as lost wages or wrongful termination (e.g., hijacked email and social media accounts led to inappropriate emails sent under your name, resulting in your termination) or psychiatric services related to cyberbullying trauma|
|Online fraud coverage||Expenses related to phishing, vishing and smishing attacks; and unauthorized use of bank accounts, transfers or credit cards (some policies may not cover cryptocurrency)|
Not entirely sold on cyber insurance? Science fiction becomes science fact
Picture this example: A software programmer works from home and communicates electronically (she doesn’t video chat). Her neighbors don’t know her because she is a workaholic and rarely leaves the house, and no one at her job has met her in person. Her life is verified electronically, and her identity is assumed – until her personal information is stolen, and her entire life is reduced to ruins. This example sounds like a plausible predicament for today’s headlines, but it’s actually the premise of the 1995 fictional movie “The Net.” If only she had cyber insurance!
Of course, you may not be a computer programmer with mad skills to hack back, like in the movie. You’re just a regular person who doesn’t want a criminal to use your identity to buy a car online. And if they do, you want your money and your identity back.
If you have questions, give us a call! We are here to help.