Breach Clarity Weekly Data Breach Report: Week of May 3
Each week Breach Clarity, recently acquired by Sontiq, compiles a list of what it considers to be notable data breaches—those that are worth highlighting because of the increased intensity of the risk to personal information. The Breach Clarity score identifies the level of risk on a scale of 1 to 10—the higher the score, the more severe the breach and level of risk.
While data breaches are typically thought of as opportunities to steal and resell data, many incidents have fraud or some other direct monetization method as their primary motive. Ransomware and business email compromise attacks are the best examples of these types of events, but there are a number of identity fraud schemes that are much easier to commit when bad actors gain direct access to a business’ systems. This week features a breach involving tax refund fraud – fraudulently filed tax returns intended to maximize tax refunds and either have them directed to an account under the fraudsters’ control or claim them in prepaid cards. Because tax returns also contain core data types used across identity verification in financial services, they also provide a treasure trove of information for groups that later intend to resell the data.
New breaches added: 32
Lydall, Inc.
An attempted ransomware attack against Lydall, Inc. compromised files containing sensitive personal information. In ransomware attacks, the goal of the attack is typically to extort the infected organization into paying to regain access to their files, although some ransomware strains also take the encrypted files and send them to the group managing the malware. Exposed data types include Social Security numbers, financial account numbers, health insurance information and more.
What should you do? Since the information stolen in this breach creates a high risk of fraudulently opened credit (loan accounts), safeguards like locking or freezing your credit are the best place to start. If you expect to need to have your credit account unlocked, enrolling in credit monitoring through the provider offered by the breached organization or through a free service can help keep you informed of potentially suspicious changes to your credit report.
Smith & Company CPAs
Smith & Company’s Electronic Filing ID number, used for tax filings on behalf of clients, was compromised, allowing the perpetrator of the breach to submit fraudulent tax returns as well as access clients’ tax returns. Exposed data types include Social Security numbers, financial account numbers and other tax identification information.
What should you do? In this breach, the primary objective of the perpetrators was to commit tax refund fraud. Accordingly, the top priority for victims should be to confirm that their most recent tax filings are correct and secure their identity with the IRS. The IRS has recently expanded eligibility for their Identity Protection PIN program to all Americans. This allows individuals to verify their identity with the IRS and receive a code that will be used to verify their identity for next year’s tax filing. More information can be found here.
Since the information stolen in this breach creates a high risk of fraudulently opened credit (loan accounts), safeguards like locking or freezing your credit are the best place to start. If you expect to need to have your credit account unlocked, enrolling in credit monitoring through the provider offered by the breached organization or through a free service can help keep you informed of potentially suspicious changes to your credit report.
Chatham County
A ransomware attack against Chatham County, North Carolina compromised files containing sensitive personal information on Chatham residents and employees. Data exposed from Chatham County included Social Security numbers, health records, Medicaid ID numbers and more.
What should you do? Since the information stolen in this breach creates a high risk of fraudulently opened credit (loan accounts), safeguards like locking or freezing your credit are the best place to start. If you expect to need to have your credit account unlocked, enrolling in credit monitoring through the provider offered by the breached organization or through a free service can help keep you informed of potentially suspicious changes to your credit report.
Saratoga Casino Hotel
A compromised online travel agent account allowed the perpetrator of the breach to view guest reservation information at the Saratoga Casino Hotel. Exposed data types include names and payment card information, however it does not appear that card security numbers were involved in the breach.
What should you do? When credit or debit card data is stolen, you should contact your issuer to determine whether you need a replacement card. Many card issuers also allow you to set up alerts for large or unusual purchases. These alerts can help you quickly identify suspicious activity and notify your bank or credit union of the fraud.
About the Breach Clarity Score
Breach Clarity, recently acquired by Sontiq, created an algorithm that deeply analyzes and assigns every publicly reported data breach a Breach Clarity score, most often from 1 to 10. The higher the score, the more severe. (In rare and extreme cases, the score can exceed 10.)
The idea for the Breach Clarity score came from data breach expert Jim Van Dyke, who realized the public should be able to access the same analysis he used as an expert witness to discern data breach risks in the country’s biggest data breach cases. Breach Clarity’s artificial intelligence algorithm simulates that advanced, objective analysis and is available to anyone as a free tool in the fight against identity fraud and cybercrime. The score, risks and recommended action for any publicly reported data breach is available at Breach Clarity.
