Thu, Aug 29, 2013

Beyond Fraud Alerts: Reacting to Data Breach Notifications

Earlier this month, CNET ran an article entitled “How to respond to a data-breach notification,” a topic that is obviously near and dear to Kroll, and one that typically does not get its due. We’ve written before about the consumer’s reaction to data breach notifications, and about how companies need to take that reaction into consideration when crafting the letter.

Many articles focus on various issues surrounding the act of notification itself: the “quality” of the apology from the company, the fact that many consumers ignore the letters for various reasons, and whether or not credit monitoring is offered. But notification is a lot more complex and confusing from the consumer’s viewpoint than these seemingly detached conversations would imply.

So it was refreshing to see this article start off with a scenario that’s very familiar to the investigators at Kroll: the consumer who has become so jaded by scams that he or she believes the notification itself to be a scam. There have certainly been events that back up this notion, so the consumer was right to treat this message as suspect. If you have any doubts about the legitimacy of a notification, independent verification is important: check the entity’s website or call its offices, using contact details you find on your own rather than those in the letter, to verify the event and any associated offers of remediation.

The article soon jumps into steps you can take to protect your credit-related information, but it might not be a bad idea for recipients of the letter or message to take a step back and analyze the situation further, so that they have as much information as possible and a better idea of the true risk level for their identifiers. Read the entire notification letter and answer these questions:

  • What entity sent the letter?
  • What is your relationship with this entity?
  • Does the entity explain exactly what type of data was exposed? If not, what information do you know you’ve provided to them in the past (e.g., name, address, credit card numbers, Social Security numbers)?
  • Does the entity share how the breach happened? For instance, was it an accidental exposure, an orchestrated attack for the purpose of stealing data, a lost laptop?
  • Has the entity offered any specific instructions for what you should do to further protect your data?

The circumstances of the breach play a large role in what you should do to protect your information. Take advantage of any offers of free credit monitoring, other types of monitoring, and consultation/restoration services. Vigilant monitoring and knowledge of how your identifiers might be affected will give you a good head start on recognizing the signs of identity theft.

By Kroll Editorial Team
