Locals At Risk Due to Data Breaches – How to Protect Yourselves
A data breach that occurred in 2021 could be affecting readers today. On the dark web, a hacker named ShinyHunters is attempting to sell personal data of 73 million people who were customers of AT&T. After initially denying the data was theirs, AT&T confirmed that the data appears to be from 2019 and impacts approximately 7.6 million current AT&T account holders and 65.4 million former account holders. The data includes names, address, phone numbers and for some, even social security numbers (SSN) and birth dates. Additionally, the security pass codes for 7.6 million accounts were also leaked. If you were a DirectTV customer, your data may be included. The subscriber base at the end of 2019 was almost 202 million subscribers, so it appears to be a partial data dump.
At this point you may be thinking, “Big deal, that was 5 years ago. What use could that information be for hackers?” Good question. There is a treasure trove of data that hackers can use that may impact you. First, hackers could have access to your current account if your security passcode has not changed since then. AT&T is aware of this and are reaching out to these customers. Hackers can use phishing and other social engineering techniques claiming to be AT&T support. If you get an email or SMS text from someone claiming to be an AT&T representative, we recommend that you go “out of band” instead of replying or clicking the link. Go to AT&T’s website that you know is valid. Contact them through the methods provided on their website.
One of the biggest dangers of this breach was the stolen SSN and birth date information. Along with your name and address, hackers can apply for credit cards in your name and run up debt in your name. Hackers can use your SSN to access your bank accounts. They could pose as you with the bank’s customer support performing fraudulent transactions and transferring funds. Using your SSN, a hacker can access your credit reports and subsequently apply for a loan for themselves in your name. There’s more, but you get the point.
Vigilance is the optimal option. We recommend setting up multi-factor authentication on all accounts that offer the option. Your bank and your credit cards definitely have this available. It is a little more work to access your account but more than worth the effort. Most accounts use a username and password for access. Multi-factor authentication uses a second method to verify that the user is authorized. This may come in the form of a code sent via email or text or using an application like DUO or Authenticator. Monitor your credit card and bank accounts regularly. Report suspicious activity right away. Consider using credit monitoring services.
Of course, good cyber hygiene with your passwords is always recommended. Do NOT reuse the same password on multiple sites. That makes it very simple for hackers to try that password on other accounts. If your information was part of a breach, change your passwords. To see if your email address has been involved in a breach, visit this site, https://haveibeenpwned.com, and enter your email address. This provides a list of breaches the account was involved.
If the AT&T hack is too old to have you concerned, Circle K was hacked in January of this year. Loyalty data and partial credit card information was revealed.
Don’t think that you are not a big enough target. Hackers go for the low hanging fruit. If it’s too easy to pass up, they will not. The old adage, “an ounce of prevention is worth a pound of cure,” rings very true in the cyber world.
You can view the original article from the Sierra Vista Herald here.