Use these links to jump to different sections:
While the cyber hack of Sony Pictures Entertainment uncovered confidential emails that titillated Hollywood, it also exposed more than 47,000 Social Security numbers of past and present employees, and company financials. In the past year and a half alone, customer information from Neiman Marcus, Home Depot, JP Morgan Chase, Staples and Goodwill was also compromised.
“Think about the information imprint that the average consumer creates today versus 10 years ago,” says Kurt Wimmer of Covington & Buring. “Each time you make an online purchase, send a text message, click an online advertisement or download a new app on your smartphone, this creates a new thread of data.”
Most of this electronic information is stored by businesses. “To hackers, these are prized commodities,” says Marc S. Martin, partner at Perkins Coie. “As the size of the data pie increases, so too will hackers’ attempts to breach it.”
Even as corporations and financial institutions are coming up with new data safeguards against ID theft, hackers are devising ways to infiltrate them.
When The Breach Hits
If you suspect your information has been compromised, or you may be a victim of identity theft, Stroock & Stroock & Lavan’s Chris Griner
- Collect copies of statements that indicate fraud and document the date on which you discovered a problem.
- Alert your financial services provider immediately.
- Notify any entities that make direct deposits into your account of the suspected breach
Also notify the three main credit-reporting agencies to place a fraud alert on your account, notes Martin. It “will make it harder for bad actors to open unauthorized credit accounts,” he says. “It also provides you free access to your credit report, which will help you determine if any unauthorized credit accounts
have been opened in your name.”
If only one credit card has been compromised, and the breach was discovered early, you can generally resolve the issue with the financial institution, Griner says. He recommends that identity theft victims file an Identity Theft Victim’s Complaint and Affidavit at FTC.gov.
Identity-theft protection services and a consumer law attorney
are options, too. However, “Personal diligence remains important,” Griner says. “The only secure computer may be the one that is never used.”
For more information on this area of law, see our overview of consumer law