January 27th, 2015 | Miller Advisors

Data breaches – when to worry

If you’ve shopped at Home Depot or Neiman Marcus, ate at P.F. Chang’s or Jimmy John’s, banked at JPMorgan Chase, or used an American Express card in 2014, then chances are good that some of your personal information was exposed in a data breach. You probably knew that. The question is, how much should you care?

It’s easy to understand why consumers are starting to yawn in the face of a steady stream of data-breach notifications. Through early December, the Identity Theft Resource Center had counted more than 700 data breaches in 2014–representing a 26% increase over 2013 and surpassing the high set in 2010.

A 2014 survey conduced by the Ponemon Institute found that nearly one-third of consumers had received at least two notifications of a breach in the previous two years; 10% had received more than five. And although 76% of victims felt stress about the breach, more than half did not take any steps to protect against identity theft afterward.

Such inaction may not lead to disaster. Remember, a data breach does not mean you’re a victim–or will be a victim–of identity theft. Nor is all ID theft harmful to the same degree. The key is to distinguish the truly dangerous breaches from the merely annoying ones.

Take it seriously if your Social Security number is compromised. “That’s the golden ticket for an identity thief,” says Becky Frost, senior manager of consumer education at Experian’s ProtectMyID, an identity-monitoring service.

You’re actually more likely to become the victim of ID theft if your credit or debit card info is exposed than if your Social Security number is divulged. That’s because thieves can start racking up charges immediately; making money from a stolen Social Security number is a multistep process.

But the consequences of a stolen Social Security number can be enormous. Your liability is limited for unauthorized charges on your debit or credit card. But with a Social Security number, a thief can get into existing accounts, open new ones, take out a loan, get a job, file a fake tax return or gain access to health care. Getting a new Social Security number is cumbersome and impractical. “I don’t even recommend you try.” says Al Pascual, director of fraud and security for Javelin Strategy and Research.

Passwords, usernames and e-mail addresses are frequently compromised. But unless the exposure includes personally identifying information in combination with other info (think name and account number, or log-in plus password), you may not even be notified. Still, theft of such data puts you at risk for so-called phishing scams, in which ID thieves try to gain additional info via e-mail or phone. You also might be in trouble if you’ve used the same usernames and passwords on multiple sites.

Resist the tendency to ignore a data-breach notification. If you are offered free credit monitoring, take it, And, especially if your Social Security number was exposed, consider setting up the protection to include alerts when new accounts are established using your info. Place a 90-day fraud alert on your credit report by notifying one of the three major credit bureaus: Experian, Equifax, or Trans-Union. Change account numbers on affected financial accounts, monitor statements closely and report any fraudulent activity immediately. Limit damage from stolen e-mail or log-in information by using unique passwords and changing them regularly. You can keep on top of data breaches at www.idtheftcenter.org.

Source: Anne Kates Smith, Kiplinger’s Personal Finance, February 2015

Image: teachprivacy.com

This information is general in nature, and is not a complete statement for making an investment decision, and is not a recommendation or a solicitation to buy or sell any security. Investments and startegies mentioned may not be suitable for all advisors. Past performance may not be indicative of future results.