We frequently hear about yet another data breach that has occurred or that more sensitive data has been found publicly online or for sale on the dark web. Companies and businesses need a greater focus on what can be done to protect organizations and individuals from this type of cybercrime.
Thieves are after all types of information. Often it’s called “confidential” or “sensitive.” Both categories are valuable to identity thieves and those wishing to capitalize from you or your organization. The list of information that is valuable can get lengthy, but here are some items that are most common and most valuable:
While this list can also get long, let's start with these items:
The cyber criminals use a variety of methods to get into a network and they don’t necessarily limit themselves to one way at any given time. They often combine phishing with malware attacks, or online advertising with malware called 'malvertising.' In addition, ransomware and scareware are also lucrative methods for hackers to get information and money from victims. However, do not pay to get data back. Instead, put a good backup process in place so you can restore from a recent backup, should ransomware strike.
Don’t forget that accidental release of information is also a way that data gets into the wrong hands. Lost and stolen laptops and portable drives are one way. A few years ago a field was littered with sensitive and confidential information on dental patients with no real explanation as to how it got there. Not so long ago, medical records from a radiology center were found scattered along a freeway when a waste disposal company did not properly follow processes for caring for the documents.
Even simple mistakes such as a typo in a web address can lead to a serious data breach. Take time to make sure your organization is not the next one putting others’ information at risk for identity theft and making headlines.