A study conducted by the Pew Research Center showed that 64% of the population in the US have had their personal data exposed through some type of data breach. Now, more than ever, the majority of what consumers do is taking place online, which means protecting that personal data is paramount to protection one’s own identity. There’s no shortage of immoral persons waiting to get ahold of private data that can then be used for a number of purposes – fake credit, fake identities, fraudulent bank account access and more. While it may not always be possible to completely prevent the theft of private data – individuals can’t prevent large companies like Wells Fargo from ensuring they have proper controls established on their networks – there are still ways to minimize exposure and protect personal information.
Personal data can include names, identification numbers, addresses, vehicle identification, phone numbers, biometric data and computer network info, such as IP (Internet protocol) and MAC addresses. A breach doesn’t have to encompass all the different data types at once; profiles can be built over time that can compile the different pieces to form the complete picture. Hackers have plenty of tools at their disposal that allows cross-referencing and correlation of bits and pieces to eventually develop the entire profile.
To help reduce the risk of having personal data stolen, never provide more information than is absolutely necessary to complete the transaction. There’s little reason to give out a phone number, for example, or a physical address to subscribe to an online mailing list. Under no circumstances should personal data be given out over the phone or through email unless you can positively identify the recipient and only then if it’s absolutely necessary. Email is inherently insecure and intercepting communication is not a difficult task.
Wherever possible, two-factor authentication (2FA) should be used. While this is not a foolproof method, it goes a long way in preventing unauthorized scraping of personal data. Through 2FA, access to a particular bank account or gambling site through your computer, for example, can only be granted once confirming your identity through a second control, usually a code sent to a pre-registered phone number you own.