Posts

Data Breach Expert Sileo Talks to Fox Business

, ,

Victim of a Cyber Attack? What You Should Tell Customers

By Donna Fuscaldo, Fox Business

It seems like every day consumers are learning of data breeches from companies like Sega, Sony and Google. Major corporations like these tend to have the funds and resources to recover from an attack, but for small businesses, that’s often not the case.

A slow response and lack of communication with customers are among the missteps many small businesses make when facing an attack, both of which can cause irreparable damage to the business.

“When consumers are a victim of ID fraud based on interaction with a small business, 1 in 3 never come back,” said Phil Blank, senior analyst for security and fraud at Javelin Strategy & Research.

While data breaches hitting major banks and corporations tend to dominate headlines, small businesses are increasingly becoming targets. Hackers like to prey on small businesses because computers and mobile phones tend to be used for both work and personal use, and many small businesses don’t have an IT staff monitoring and protecting operations.

According to Javelin, small business fraud totaled $8 billion in 2010. Of that, banks, merchants and other providers absorbed $5.43 billion of the loss while the cost to victims was $2.61 billion.

Although the first line of defense against an attack is to have proper procedures and policies in place, if it does happen, there are steps that need to be taken immediately to mitigate the impact. The experts advise owners’ first step should be to communicate with customers quickly.

“You don’t have a large amount of time between a hack and when you tell a client,” said Blank at Javelin. That doesn’t mean you have to tell clients within a day of it happening, but you shouldn’t wait a couple of months either. Blank said customers should be notified within a week of the hack. “If people know within a week they have the ability to do something about it.”

To ensure the small business is communicating correctly to the customers, John Sileo, founder of ThinkLikeASpy.com and a professional identity theft speaker, said a small business owner should get professional help, whether it’s a privacy lawyer or a company that deals with data breach responses.

Each state has different laws and regulations pertaining to data breaches and a data breach company will be well versed in the rules governing the states. “This is too big for a small business to handle internally,” said Sileo. “They could end up making some legal choices without knowing it that can get them in hot water.”

John Sileo is a data breach expert and data breach keynote speaker on identity theft, social media exposure, data breach and weapons of influence. Bring him in to motivate your employees to care about data security. Contact him directly on 800.258.8076.

Citigroup Data Breach – How it Affects Your Wallet

,

This week’s news of the theft of private data comes from Citigroup. Seems that even the most reputable organizations can be exposed to the ever-more frequent data breaches we read about. You’ll likely recall the recent news of Sony, PBS, Epsilon and Lockheed Martin.  Regrettably, the list is growing by the day. It affects me, and likely, it affects you. Now what?

First, arm yourself with the facts. See the attached articles.

  • http://blogs.wsj.com/deals/2011/06/09/citigroup-data-breach-4-tips-to-protect-yourself/
  • http://www.reuters.com/article/2011/06/09/us-citi-idUSTRE7580TM20110609
  • http://www.informationweek.com/news/181502068

Second, remember to protect your most important data (this information, on its own, or in any combination, is a jackpot to an identity thief):

  • Social Security number
  • Date of birth
  • PIN
  • Credit Card numbers
  • Bank Account numbers
  • Birthdate

Third, never reply to an e-mail requesting personal information. Unless you originate the communication, suspect the worst and do not respond. This is referred to as “Phishing” and the results are never good.

Fourth, if you think your credit card has been compromised, call and request a new card. The phone number is on the back of your card, and the associates answering your call love serving as a hero to you and your credit. They’re awesome folks.

And finally, just pay attention. If your intuition is triggered, there’s likely good reason. You’ll never regret being cautious.

You should be receiving a notice from Citi if your actual data was compromised. In the meantime, don’t be afraid to Freeze Your Credit, just in case.