Data Breaches

A data breach is a security incident in which sensitive, protected, or confidential data has been copied, transmitted, viewed, stolen, or otherwise used by someone who was not authorized to do so. Credit card data breaches and medical data breaches are two of the more harmful and costly data breaches.

Data Breaches Are Not Always Made Public

The news reports plenty of data breaches these days, from the Target and Wendy’s credit card breaches to the Anthem and Beacon Health System HIPAA data breaches. However, most data breaches never make the national news, which means the people whose personal information is compromised never find out about it. The Privacy Right Clearinghouse publishes a list of known breaches reported in the United States since 2005. In addition, the Privacy Rights Clearinghouse website provides information on dealing with security breaches.

Privacy Rights Clearinghouse: Chronology of Data Breaches

Privacy Rights Clearinghouse: How to Deal with a Security Breach

Phishing

Phishing is the attempt to acquire sensitive data (i.e., usernames, passwords, credit card information, etc.) by pretending to be a known and trusted entity via electronic form, such as email for a website. This is one of the most common IT security threats.

Information for Taxpayers

Taxpayers need to beware of phishing scams asking for any personal information. The IRS will never initiate emails to taxpayers about a bill or a refund out.

FTC’s Identity Theft Recovery Plan

Identity Protection: Prevention, Detection, and Victim Assistance

Reporting IRS Phishing and Online Scams

Requesting Copy of Fradulent Returns

Taxpayer Guide to Identity Theft

Amazon Order Cancellation

This is a phishing attempt leading users to click to view their cancelled order on Amazon, even though they did not place an order.

Identifying and Reporting Phishing Emails to Amazon

Ransomware

Ransomware is an access-denial type of attack that prevents legitimate users from accessing files. The user’s computer is infected with some form of malware. This software then encrypts files and requires payment (ransom) before the person is re-granted access to the restricted files. The user’s computer is often rendered useless until the ransom has been paid.

Trend Micro on Ransomware

Trend Micro has a webpage that includes the history and future of ransomware. This page also gives aliases and descriptions of known ransomware families.

Trend Micro’s Ransomware Information