If you have ever participated in a data breach, you should have received a notice alerting you to the information that has been compromised.
If your username, passwords, driver’s license number or social network were found on the dark web; do you know what you should do?
For criminals, using compromised information in a data breach is like solving a puzzle. If they collect enough coins, they can drain your bank accounts, rack up charges on your credit card, or take out loans on your behalf.
However, if you take more security measures, the puzzle becomes harder to put together and you have a better chance of protecting your accounts even if your information has been exposed.
Reggie Juliot was alerted that he was part of the Equifax breach in 2017.
“I really haven’t thought about it much,” he told 5 On Your Side.
A few months later, this compromised information led to the worst-case scenario.
“I went to check my bank account balance and it was, I was $10,000 short.” said Juliet.
He didn’t actually have $10,000, but the hackers used a series of deposits and withdrawals to knock his account into the red.
“So they actually ended up with negative $10,000 in my account,” Juliot said.
Something similar even happened to North Carolina Attorney General Josh Stein!
“My information was stolen. My accountant was hacked and all my personal information was taken,” Stein told us. “They actually filed a refund claim with the IRS on my behalf.”
ine.com cybersecurity director Jack Reedy explains that when your information is compromised in a breach and offered for sale on the dark web, hackers buy it cheap.
“A couple thousand records for $10-20,” Reedy revealed.
However, Reedy points out that just because someone has your information doesn’t mean they can access your bank account.
“A lot of attacks are automated now. So if the automation they built in doesn’t work, they’ll move on. Because really, if you buy 20,000 recordings for $10-20, no one is going to sit there and type in every time, every username and password,” Reedy explained. “That’s why the investment is so low, as well as because it has failed so many times.”
So what can you do to prevent this stolen information from being used against you?
Reedy said “it’s time to respond in a meaningful way.”
The first thing is to freeze your credit with the three major reporting agencies.
Change your passwords and use a different password for each account. A password management system can help you keep track of each one.
If multi-factor authentication is available on an account, enable it.
Keep a close eye on your emails and financial accounts. Look for strange login attempts and charges that you can’t identify.
Finally, document everything from the moment you learn that your information has been compromised.
It’s a good idea to take all of these precautions, even if none of your information has been compromised.
If you are unsure if you have been part of a data breach, our cybersecurity expert recommended that you go to haveibeenpwned.com. Type your email on this site and it will tell you what breaches you participated in and what information was compromised.
Reggie Juliot has taken some measures to protect himself, but not enough and wants others to go further than him before becoming the next victim.
“It’s only a matter of time. It really is,” Juliot warned. “I thought it wasn’t going to happen to me. And boy, did it happen to me.”