Identity thefts are getting serious. What to do, if you´ve found yourself on a list of breached personal data

Next story

With its latest Ultimate subscription tier for consumers, ESET introduces an Identity Protection service that regularly scans black markets on the web for stolen personal data and identities.

Cyber criminals tend to focus their attentions on vulnerable institutions. Those that gather huge amounts of personal data, such as universities and hospitals, are perfect targets for mass data breaches like the one at Mercer University in April 2023. It is these that have been making headlines in recent years.

In the case of the breach at Mercer University, the personal data of over 93,000 people, including names and social security numbers, appeared on the dark web blog of the Akira ransomware gang, claiming that Mercer refused to pay the ransom.

When we look at the healthcare sector, the numbers become even more massive. More than 39 million individuals have been impacted by healthcare data breaches reported in the first half of 2023, according to HHS Office for Civil Rights (OCR) data breach portal.

This raises questions about what the public can do in a situation where cyber-criminals have stolen a user’s personal data from an external source, putting them at risk of identity theft, and whether there is a way a cybersecurity solution can help them individually.  

Try our new offering

What is Identity Theft

Identity thieves usually go for personal information, such as passwords, ID numbers, credit card numbers, or social security numbers, to act fraudulently in the victim’s name.

To be even more effective in impersonating someone, else fraudsters gather any publicly available information about their victim. They can go through a victim’s social media pages, business or employer’s records, and government databases.

With this data, fraudsters can apply for loans, make online purchases, take out a credit card, obtain medical care, or access their victim’s financial data. If the victim’s password was breached during the attack. and this password is used repeatedly on multiple sites, hackers can easily hijack several of the victim’s accounts.

For example, every year, fraudsters use thousands of stolen identities in attempts to rob the United States Treasury by filing fake tax returns that claim tax refunds. As of March 2, 2023, the Internal Revenue Service (IRS) has confirmed 12,617 tax returns as fraudulent, and prevented the issuance of $105.3 million in fraudulent refunds.

Once the victim’s identity has been abused, they might be held responsible for the perpetrator’s actions and be investigated by law enforcement agencies. They may even face consequences, such as legal charges, a change in their credit status, and damage to their good names.

How ESET can help

ESET is well aware of this pressing issue and has now delivered a solution to minimize the risks in these situations.

With its latest Ultimate offering subscription tier for consumers, ESET introduces its Identity Protection service, which regularly scans an online black market with stolen identities.

Users enter their data, such as email account, passwords, or IDs that they want to check, and the Identity Protection will periodically monitor the dark web, searching for leaked sensitive information previously entered by users. 

For example, if a user is a victim of a mass data breach, they will be notified if data they previously entered are found on the internet.

Remember the advice we gave you about checking any changes in your credit reports? Identity Protection can do it for you, reducing your response time during such an incident. However, this feature is available only for US customers at the beginning of product launch.

In the case of US customers, Identity Protection service also contains Credit Report Monitoring, Smart SSN (Social Security number) Tracker, Social Media Identity Monitoring, and Identity Theft Insurance up to $1 mil., together with an on-call identity restoration service.

Being the victim of a mass data breach and/or identity theft can be upsetting, especially when you have done nothing wrong, because your personal information leaked from an external source, and you couldn’t prevent it.

What else you can do about identity theft and fraud

When you find yourself among the victims of a mass data breach, keep calm, but also act quickly to mitigate the damage. 

  • Contact the police and a relevant antifraud office in your country to inform officials that your personal information might be used for frauds. In some cases, they can declare the stolen cards or documents fully invalid.
  • If banking information is stolen, contact your bank, place a fraud alert on your credit reports, and freeze your credit file.
  • Scammed taxpayers should place a fraud alert on their credit records, and later claim refunds, but they need to be prepared to take additional steps to prove their identities to the IRS or other tax authorities.
  • Search for any accounts opened by scammers, and request that they be shut down.
  • Search for unauthorized purchases made via your accounts, and when they’re found, request refunds.
  • Change and strengthen passwords to your accounts.
  • Check for notifications concerning changes to your accounts made by someone else.

Swift action is key in such cases and the ESET Identity Protection feature gives you the advantage of knowing about a data breach as soon as possible. We hope that the aforementioned tips will help you act quickly and effectively, so you can avoid any significant damage.