Breach Clarity Data Breach Report: Week of March 15

Each week Breach Clarity, recently acquired by Sontiq, compiles a list of what it considers to be notable data breaches—those that are worth highlighting because of the increased intensity of the risk to personal information. The Breach Clarity score identifies the level of risk on a scale of 1 to 10—the higher the score, the more severe the breach and level of risk.

For many high-risk breaches, we recommend that victims freeze or lock their credit report. A credit report freeze is unique in that it can single-handedly slash consumers’ risk of fraudulently opened new credit/loan accounts – something that can’t be said for many other safeguards. Unfortunately, this can give an exaggerated importance to this measure. While most consumers who don’t expect to need a credit inquiry in the near future can benefit from locking or freezing their credit report, breaches create clusters of risk that go beyond any single fraud type. A breach that exposes victims’ Social Security numbers heightens their risk of fraudulently opened credit cards typically exposed, but also makes it much easier for fraudsters to gain access to their financial accounts, apply for government benefits, or take over a mobile phone account.

That’s what makes breach notifications that stop at credit monitoring or freezes so dangerous. Breach victims need to understand the breadth of identity safeguards available to them – many at no or low cost. Even beyond other core measures, like alerts and strong authentication, services like USPS informed delivery, IRS identity protection PINs, and secure e-commerce platforms can meaningfully protect consumers from a variety of identity risks. Knowing the top risks posed by a data breach can help victims prioritize which of these measures makes the most sense for them.

Breach Clarity’s Weekly Spotlighted Breaches

New breaches added: 44

PEI-Genesis, Inc.
BreachIQ Score – 10
Unauthorized access to an employee email account at PEI-Genesis exposed personal information contained in messages and attachments that passed through the account. The information exposed varied by victim and included Social Security numbers, driver’s license numbers, financial account…