Current:Home > ContactData breaches and ID theft are still hitting records. Here's how to protect yourself. -×
Data breaches and ID theft are still hitting records. Here's how to protect yourself.
View
Date:2025-04-14 23:07:30
2023 was a record-breaking year for data compromises – and that's not a good thing.
In its latest yearly report, the San Diego-based Identity Theft Resource Center said there were 3,205 data compromises in 2023, a 78% increase from 2022 and a new record, topping the previous all-time high of 1,860 set in 2021.
In 2023, there were also more than 353 million victims of ID theft, according to the center, a nonprofit organization that assists consumers when they have become victims and advocates for better protections for consumers and businesses. That's a decrease of 16% from 2022, which is consistent with a general trend of the number of victims dropping slightly each year "due to organized identity criminals focusing on specific information and identity-related fraud and scams rather than mass attacks," the organization said.
Notifications of data breaches without information on the rise
The number of data breach notices without specific information such as what happened, what the company has done to correct it, or what steps have been taken to make sure the breach doesn't happen again has nearly doubled year over year, said James. E. Lee, Identity Theft Resource Center's Chief Operating Officer. In 2023, more than 1,400 public breach notices did not contain such information.
"That's a problem and that creates risk for other businesses who could be attacked in a similar fashion and consumers who need to know how to protect themselves," Lee said.
There is no federal law that requires companies that have had a data breach to notify their customers or consumers more broadly, Lee said. There is instead a patchwork of state laws and federal regulations, with different requirements, he said. For instance, there is a federal regulation that any publicly traded company that has a data breach must notify consumers, but only 11% of data breaches last year would have qualified, Lee said.
"Every state has a different definition of what is a breach. Every state has a different trigger for when you have to send a notice. Every state has a different requirement for what information you include and who has to be notified," he said. It took until 2018 to have all 50 states pass a data-breach law and they're all over the board, Lee said.
Many laws don't have penalties for the company that had its information lost or breached and allow that organization to determine its risk and if it needs to notify consumers, Lee said.
Generally speaking, where the company is located is where the state law controls the notification, regardless of where affected consumers live, he said.
"But that's one of those things that we need to update because data breaches, just like data criminals, don't recognize those little imaginary (state) lines," he said.
ID theft and taxes:IRS struggles to get tax refunds to nearly 500,000 victims of ID theft
Supply chain data attacks are on the rise
A growing target of data breach attacks by criminals is within a supply chain of a company and its sometimes smaller suppliers, Lee said.
"The criminals will attack a smaller organization that works for big companies," said Lee. Usually, those companies don't have as tight of security measures, but it still gets the criminals the bigger data they want, he said.
"For an identity criminal, that's Nirvana. I can pick one company and get the company that has hundreds if not thousands of companies (access to information)," Lee said.
Criminals are also ramping up what's called "zero-day attacks," which is an unknown flaw in a company's software to get in, Lee said. Even the guys who wrote the software don't know the flaw is there "and the bad guys find it," said Lee.
How do you protect yourself from data breaches or ID theft?
While there isn't a lot a consumer can do to prevent a company from becoming a data breach victim and therefore the consumer from becoming a target as well, Lee said there are ways consumers can protect themselves – especially before a data breach.
Here are some tips from the ID Theft Resource Center:
◾ Freeze your credit with all credit bureaus, as a protective measure. Find out how to freeze your credit and other tips at www.idtheftcenter.org
◾ Change your password and switch to a 12-plus character passphrase.
◾ Enable two-factor authentication (with an app, if possible) on your accounts.
◾ If you are offered a passkey option from a website or your phone, which is beyond a password and can be fingerprint or facial ID options, take them.
◾ Keep an eye out for phishing attempts that claim to be from the breached organization.
◾ Follow the advice on the data breach notice offered by the impacted company.
◾ Change the passwords of other accounts with the same password as the breached account.
Betty Lin-Fisher is a consumer reporter for USA TODAY. Reach her at [email protected] or follow her on X, Facebook, or Instagram @blinfisher. Sign up for our free The Daily Money newsletter, which will include consumer news on Fridays, here.
veryGood! (5766)
Related
- Have Dry, Sensitive Skin? You Need To Add These Gentle Skincare Products to Your Routine
- Who is marrying the 'Golden Bachelor?' 10 facts about ‘Golden Wedding’ bride Theresa Nist
- Missing 16-year-old girl from Ohio located in Florida with help from video game
- The (Pretty Short) List of EVs That Qualify for a $7,500 Tax Credit in 2024
- Federal Spending Freeze Could Have Widespread Impact on Environment, Emergency Management
- New year, new clothes: expert advice to how to start a gentleman's wardrobe
- Watch Jeremy Allen White Strip Down to His Underwear in This Steamy Calvin Klein Video
- Kia EV9, Toyota Prius and Ford Super Duty pickup win 2024 North American SUV, car and truck awards
- Tree trimmer dead after getting caught in wood chipper at Florida town hall
- Striking doctors in England at loggerheads with hospitals over calls to return to work
Ranking
- Apple iOS 18.2: What to know about top features, including Genmoji, AI updates
- Crib videos offer clue to mysterious child deaths, showing seizures sometimes play a role
- New Mexico governor proposes 10% spending increase amid windfall from oil production
- Rage Against the Machine won't tour or perform live again, drummer Brad Wilk says
- Federal Spending Freeze Could Have Widespread Impact on Environment, Emergency Management
- NBA fines Nets $100,000 for violating player participation policy by resting players
- Hoping to 'raise bar' for rest of nation, NY governor proposes paid leave for prenatal care
- Crib videos offer clue to mysterious child deaths, showing seizures sometimes play a role
Recommendation
The 401(k) millionaires club keeps growing. We'll tell you how to join.
California prosecutors charge father in death of child his 10-year-old son allegedly shot
New York governor pushes for paid medical leave during pregnancy
Stock market today: Global shares mostly slip, while oil prices advance
How to watch the 'Blue Bloods' Season 14 finale: Final episode premiere date, cast
Parents of Cyprus school volleyball team players killed in Turkish quake testify against hotel owner
Feeling caucus confusion? Your guide to how Iowa works
Natalia Grace Case: DNA Test Reveals Ukrainian Orphan's Real Age