Over the weekend, Citigroup, Inc., Walgreens, TiVo, Inc., Capital One Financial, Best Buy, Chase Bank and other large U.S. companies became victims of data breaches after a computer hacker hacked into the client customer files of online marketer Epsilon. Information obtained by the hacker included customer names and e-mails but did not include any financial or other sensitive information.
“Even the most vigilant and fraud-conscious consumers can become victims of identity theft due to a data breach at a corporation,” said Patrick Bennett, Director of Community Relations with the Southfield-based Better Business Bureau Serving Eastern Michigan and the Upper Peninsula. “In the case of recent data breach at Epsilon, it appears that no personal, financial or medical information was compromised — only names and email addresses — however, consumer trust in these companies will likely be shaken.”
To protect yourself from identity theft, the BBB provides this advice for online security:
* Develop good habits for creating passwords- A strong password is long and has letters, punctuation, symbols, and numbers. A variety of characters makes the password better. When possible use 14 characters or more. Never use the word “password” or personal information such as your name, birthdate, driver’s license, social security number or similar information. Also, avoid sequences or repeated characters and test your password with a password checker to evaluate the strength of your password automatically.
* Protect your password from prying eyes – Never provide your password in an email or in response to an email request. Do not type passwords on computers you do not control. Do not reveal your passwords to others. Do not store passwords in a file on your computer. Keep a record of your passwords in a safe secure place. Use different passwords for different websites and services.
* Avoid Phishing e-mails– Phishing e-mails are a common way for hackers to get at your personal information or break into your computer. Do not respond to requests for financial information pretending to be from Best Buy, Walgreens or other companies. Legitimate businesses do not request personal or financial information by email. Don’t click on any links or open any attachments to e-mails until you have confirmed that they are not malicious. E-mail addresses that don’t match up, typos and grammatical mistakes are common red flags of a malicious phishing e-mail. Also beware of unsolicited e-mails from companies with which you have no association. Make sure you have current antivirus software and that all security patches have been installed on the computer.
Small business owners looking for advice on preventing data breaches are encouraged to check out BBB’s Data Security – Made Simpler for free guidance at www.bbb.org/data-security.