Managing Director of Fintech Research at Cornerstone Advisors
“A new company called Breach Clarity may have a better approach. The company analyzes every publicly reported U.S. data breach based on more than 1,000 factors, then computes a score for each breach and provides consumers with recommendations on what they should do. Breach Clarity’s approach goes beyond just providing information and advice. By analyzing the types of data that were breached, the firm can predict what types of financial crimes could be committed in the future.”
A cyberattack against Light Tower Financial Strategies allowed the perpetrator to gain unauthorized access to a computer containing sensitive personal information on Light Tower’s clients. Exposed data types include Social Security numbers, credit and debit card information, driver’s license numbers, contact information, and more.
What should you do? Any time a breach exposes data that is this sensitive, victims should take the time to make sure that they have put essential protections in place across all aspects of their identity. This includes locking or freezing your credit report; using strong authentication on your bank accounts, email, and other important services; and making sure that you have set up alerts for suspicious activity on your accounts.
A ransomware attack against Walsh Brothers compromised files containing sensitive personal information. In ransomware attacks, the goal of the attack is typically to extort the infected organization into paying to regain access to their files, although some ransomware strains also take the encrypted files and send them to the group managing the malware. Compromised data types include Social Security numbers, driver’s license numbers, financial account information, and contact information.
What should you do? This breach carries a high risk of account takeover – unauthorized access to victims’ bank accounts. Setting up strong authentication, such as use of temporary passcodes at login, can protect your financial accounts. Victims should also review the alerts offered by their bank or credit union to ensure that they are notified of suspicious login attempts or transfers out of their bank accounts.
The personal information of customers of Recology King County was compromised in a ransomware attack against Automatic Fund Transfer Services, Inc. This is a continuation of the same incident we highlighted last week involving four Washington Cities. Unfortunately, while those cities used AFTS to process paper checks and consequently only exposed fairly low-value data, the data exposed for Recology customers includes credit and debit card information in addition to names, contact information, and images of checks.
What should you do? When credit or debit card data is stolen, you should contact your issuer to determine whether you need a replacement card. Many card issuers also allow you to set up alerts for large or unusual purchases. These alerts can help you quickly identify suspicious activity and notify your bank or credit union of the fraud.
A ransomware attack against Warehouse Services, Inc. compromised files containing sensitive personal information, including Social Security numbers, financial account information, names, addresses, and dates of birth. In ransomware attacks, the goal of the attack is typically to extort the infected organization into paying to regain access to their files, although some ransomware strains also take the encrypted files and send them to the group managing the malware.
What should you do? Since the information stolen in this breach creates a high risk of fraudulently opened credit (loan accounts), safeguards like locking or freezing your credit are the best place to start. If you expect to need to have your credit account unlocked, enrolling in credit monitoring through the provider offered by the breached organization or through a free service can help keep you informed of potentially suspicious changes to your credit report.