“If I could sum up why I’m committed to the HR Girlfriends community it would come down to because we are ‘….in this together.'”

~Sana’ Rasul, Chief Girlfriend

Is Your Data Over-Exposed?

What Is an “Over-Exposure” of Your Data?

The Identity Theft Resource Center has been tracking data breaches for years and has basically seen it all.

There have been events in which hackers stole the information for millions of credit card accounts. Some breaches have included usernames and passwords for more than a billion email accounts, while others have exposed the complete records—containing all the PII for each of the victims—for just a few hundred individuals, which is only a handful of people in comparison.

There are different outcomes in many data breaches, of course. What kind of information was stolen? Did the hackers get enough information to lead to identity theft? Can the victims’ finances be impacted? Will they need credit monitoring to watch for suspicious or criminal activity?

The type of breach can vary greatly, too. Was it an inside job by an employee with access to records? Did hackers break through what was supposed to be a secured network? Did someone throw away large amounts of papers that contain sensitive information? Did an employee intentionally but innocently forward information to someone who pretended to be the boss?

One other distinction that was recently reported is for an event in which the victims say it wasn’t actually a data breach, but rather just a “data over-exposure.” What’s the difference? For some states and their notification laws, there might not be a difference. But in the case of Dow Jones & Co, and their four million customers whose information was accidentally left open to the public on an unsecured server, the company claims it wasn’t a breach.

There are some minor differences here. First, the data was stored exactly where Dow Jones planned for it to go, but the way it was set up on the Amazon S3 web hosting server left it accessible to others with Amazon web authentication.  A security researcher found the information during an intentional search for unsecured databases, and so far no unauthorized activity has been reported with the information.

This might be important to Dow Jones, but their approximately four million customers might not feel that this is so minor. The accessible database contained customers’ names, their in-house customer IDs, along with their home and business addresses. The most alarming information was the last four digits of the credit card the victims stored in their customer records, along with their email addresses. This information and the news surrounding the data breach means victims can certainly expect phishing emails that can lead to scams.

No matter how a breach occurs—or whether it was even a full-fledged breach or simply a mislabeled security protocol—consumers need to be prepared to take their security into their own hands. Monitoring their accounts carefully, practicing good password safety, and taking action against suspicious activity immediately can help no matter how your information fell into the wrong hands.

Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.  Source: idtheftcenter.org 

 

Looking to make your Company CyberAWARE?
Get hooked into Corporate Training!

Leave a comment

Never miss an opportunity to earn HRCI/SHRM credits, identify a mentor, or connect 1:1 with another HR Girlfriend in your city or across the country.

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments
Author picture

HR Girlfriends™ is a Human Resources networking organization dedicated to advancing the practice and culture of people empowerment. Our team of Girlfriends consult, train, educate, develop, share, promote, and advocate for solutions in the field of human resource management.

Are You IN?
Or Are You OUT?

It’s time you join forces with a community of like-minded peers ready to tackle the issues unique to the women of HR.
  • All
  • Affirmation
  • Career Mondays
  • Certification
  • COVID-19
  • CyberSAFE
  • Guest Blogger
  • HR Advisor
  • HR Law Alert
  • HR Q&A
  • HR Reading
  • HR Reel Talk
  • Join Our Team - Apply Now
  • Membership
  • Talent Management
All
  • All
  • Affirmation
  • Career Mondays
  • Certification
  • COVID-19
  • CyberSAFE
  • Guest Blogger
  • HR Advisor
  • HR Law Alert
  • HR Q&A
  • HR Reading
  • HR Reel Talk
  • Join Our Team - Apply Now
  • Membership
  • Talent Management
HR Q&A

Q&A: A remote employee’s roommate has been disrupting their work to the point that their performance is suffering. How should we handle this?

This situation should be handled the same way you’d manage most work disruptions affecting an employee’s performance. Start by having a conversation with the employee ...
Read More →
Affirmation

Affirmation: The time to go after my dreams is now.

Only I hold the power to create the life I desire. I want to make my dreams come true so each day I work on ...
Read More →
HR Q&A

Q&A: What’s the difference between a furlough and a layoff?

Furloughs and layoffs are ways to reduce labor costs during times of economic hardship. They both involve a loss of work for employees, but there ...
Read More →
Share via
Copy link
Powered by Social Snap