Sometimes life can be unfair. Let's say you have the tech knowledge to manage your family's accounts and are well aware of cyber threats.
Your defenses are set, you've installed the latest updates, and so far you've successfully fended off every phishing attack that tries to extort your money or personal information. And yet, one day, you discover that someone has stolen your identity information for malicious purposes.
That's because, rather than targeting individuals, cybercriminals often tend to focus their attention on vulnerable institutions that collect huge amounts of personal data, such as universities or hospitals, explains global security software company ESET. Even worse, large companies that manage sensitive data can also be hacked - for example, 33 million French citizens were affected by the largest breach of two payment processing companies in the country in early 2024.
This raises questions about what citizens can do if cybercriminals have stolen their personal data from an external source, and are exposed to the risk of identity theft. Is there a way a cybersecurity solution can help?
Table of Contents
What is identity theft?
Identity thieves typically go after personal information such as passwords, social security numbers, credit card numbers, or social security numbers to act fraudulently in the victim's name.
To be even more effective, scammers collect every publicly available piece of information about their victim. They may search the victim's social media pages, business or employer records, and government databases.
With this data, fraudsters can apply for a loan, make online purchases, apply for a credit card, receive medical treatment or gain access to the victim's financial data, ESET experts explain. If the victim's password was compromised during the attack and that password is used repeatedly on multiple websites, hackers can easily hijack several of the victim's accounts.
For example, every year fraudsters use thousands of stolen identities to extort money from the United States Treasury Department by filing false tax returns claiming tax refunds. As of February 24, 2024, the US Internal Revenue Service identified 32.616 tax returns representing approximately $272,7 million in tax refund fraud and prevented $262,7 million (96,3%) of refunds from being issued in these cases.
Identity theft in the US.
- 2023 saw a record number of US data breaches in a single year – 72 percentage points higher than the previous record of 2021. At least 353 million people were affected, according to the Identity Theft Resources Center.
- Cumulative losses related to identity theft reached about $12,6 million in 2023, according to FBI statistics.
- From 2005 to March 2024 there were 3.713 data breaches at US educational institutions, with at least 37.606.243 individual records affected.
- In the first half of 2024, 387 data breaches of 500 or more healthcare records were reported to the US Department of Health and Human Services. More than 4,5 million compromised healthcare records are confirmed.
Once identity information has been misused, the victim may be held responsible for the perpetrators' actions, subject to a law enforcement investigation, and/or face consequences such as charges, changes to their credit status, and damage to their reputation.
What you can do about identity theft and fraud
When you find yourself among the victims of a massive data breach, keep your cool, but act quickly to mitigate the damage, advises ESET.
- Contact the police and the relevant agency in your country to inform them that your personal information may be used for fraud. In some cases, they can cancel stolen cards or documents.
- If bank information is stolen, contact your bank,
- Defrauded taxpayers should place a fraud alert on their credit files and later claim a refund, but should be prepared to take additional steps to prove their identity to the IRS or other tax authorities.
- Look for any accounts that have been opened by fraudsters and request their closure.
- Look for unauthorized purchases made through your accounts. If found, request a refund.
- Change and strengthen your account passwords.
- Check for notifications about changes to your accounts made by someone else.
"Eso Ready"
Sometimes, bad things just happen and it's not your fault. That's why it's important to be prepared.
Rapid reaction is key in such cases. We hope the tips will help you act quickly and efficiently to avoid significant losses.