In a recent feature covering some of the biggest hacks and data breaches of 2015, ZDNet dropped a chilling statistic: “Almost every American has been affected by at least one data breach this year.” Indeed, it was the year of the data breach, a year that saw everyone from retailers to the government facing cyber security disasters.
The Data Breaches
On the retail or consumer end of the spectrum, drug stores like CVS, Walgreens, Costco, and Rite Aid were all hit, with customers’ names, addresses, phone numbers, and credit information compromised in the fallout. The hotel chain of presidential candidate Donald Trump was compromised with credit card data again being the target. Crowdfunding site Patreon was also a target, and while the site evidently didn’t lose credit card data, names, email addresses, and posts from the site were compromised.
On the governmental end of the spectrum, meanwhile, the breaches were even more devastating. A breach of the Office of Personnel Management compromised the background check data of U.S. government personnel—as well as spouses, family members, and other contacts. According to NBC News, the breach affects 21.5 million people and could be a major problem for national security. The IRS, meanwhile, lost taxpayer information, while the Army National Guard also announced a data breach.
Even the technologies meant to protect consumers from hacking and other cyber threats weren’t safe from data breaches in 2015. On the contrary, LastPass, one of the most popular password management apps on the market, was hacked in June, losing user email addresses, password reminders, salts, and authentication hashes. The hackers didn’t get user password vaults, but the hack still called into question whether or not password managers can be counted upon to keep your passwords—and, by connection, all of your online logins—safe.
Protecting Yourself from Hacks
In an age when data breaches of major businesses and organizations are clearly becoming more commonplace, the question is how can you protect yourself and your data? The first and most obvious step is to be vigilant about changing your passwords. Make a point of changing your passwords once or twice a year, particularly on accounts that are linked to your finances or harbor a lot of sensitive data.
If and when you hear about a service or site you use that’s been hacked, set to work changing your passwords right away. For instance, if you were using LastPass when the service was hacked, you would likely have taken that event as a warning to change not just your LastPass master password, but also your highest risk logins around the web.
If the victim of the data breach is a retailer, hotel chain, or some other business that you frequent (or that has your information for one reason or another), you might consider credit monitoring. Sometimes, sites or businesses that have been hit with a data breach will offer free credit monitoring for a year to atone for the incident. However, you can also set up credit monitoring for yourself through services like myFICO or credit agencies like Equifax and Experian (though keep in mind that Experian suffered their own data breach in 2015). In any case, credit monitoring will help you keep an eye on your accounts for suspicious activity that might indicate fraud and identity theft.