According to the Identity Theft Resource Center or ITRC (https://www.idtheftcenter.org/), which has been tracking publicly reported data breaches and exposures since 2005 – the year 2021 surpassed the all-time number of data breaches.
“While the previous annual record for breaches was in 2017 with 1,529 data compromises, that total number was surpassed in November,” said Eva Velasquez, President and CEO of the Identity Theft Resource Center.
“The ITRC has now tracked 1,580 compromises through November 30, 2021. Of the 164 data compromises reported in November, three stand out including Robinhood, a stock trading platform; GoDaddy, a web hosting company; and Costco, a popular retail corporation,” stated Velasquez.
Velazquez gave additional details on each of the three data breach incidents:
The Robinhood data breach affected seven million people and was due to a social engineering attack (when a criminal manipulates someone into giving them information). The information exposed in the breach includes full names, email addresses, phone numbers, birth dates and zip codes.
GoDaddy suffered a data breach due to a supply chain attack. The breach impacted a little more than one million users and exposed customer numbers, email addresses associated with the account, certain WordPress Admin logins, usernames, and passwords.
Costco suffered its first data breach in 2021 due to a card skimming device. While it is unknown how many shoppers’ payment card information may have been compromised, the retail corporation confirmed that it was found by company personnel during a routine check at one of their warehouses.
The irony and full significance to 2021 surpassing the all-time record for data breaches is that December is Identity Theft Protection Awareness Month (Protect yourself online: December is Identity Theft Protection Awareness Month | Round Rock ISD News).
Also and in March 2021, the U.S. Department of Defense released its annual U.S. Department of Defense Identity Awareness, Protection, and Management (IAPM) Guide to help consumers and small businesses keep their identities and the identities of their small business customers private and secure online.
The guide details “privacy considerations, recommendations, and step-by-step information to implement settings that maximize your online security.” It gives a great overview of rules, direction and guidance for online safety and security such as “dating services, mobile wallets, messaging apps, social networking services (Facebook, Instagram, LinkedIn, TikTok, Twitter), photo sharing and storage services, securing home Wi-Fi networks, health and fitness trackers, and more.”
To mitigate your risk of identity theft, Velasquez recommended four 2022 New Year resolutions for both consumers and small businesses:
Regularly update your security software
Be vigilant against email phishing scams
Use a password manager program or use strong password phrases
Use or turn on multi-factor authentication
As I said in my column last month, with the Holiday season upon us, consumers need to remember two important lessons in life including your personal information is not as personal as you think and cyber thieves and ID theft criminals do not take off during the holidays.