Hackers steal even more Social Security numbers. How should you protect yourself?
Another day, another massive data breach claimed by hackers. Days after a breach at T-Mobile exposed about 53 million people’s personal information, a hacking group known as ShinyHunters announced that it was auctioning 70 million sets of sensitive data purportedly stolen from AT&T.
The information offered for sale was similar in both breaches, including full names, addresses, birth dates and Social Security numbers. In short, it’s the foundation for identity theft.
AT&T responded Friday by casting doubt about the claim by the prolific ShinyHunters cabal, stating that “[b]ased on our investigation today, the information that appeared in an internet chat room does not appear to have come from our systems.”
Regardless of where the data came from, though, if it’s valid it could be a nightmare for anyone whose sensitive information is exposed. Here’s a quick guide to the risks you may face and some of the things you can do to protect yourself.
What are the risks?
Social Security numbers are widely used by the federal government, banks, investment companies, government benefit programs and insurers to verify your identity. Your stolen Social Security number can be used to open fraudulent credit card accounts, divert or fraudulently collect benefits and commit workplace fraud, among other forms of deceit. Throw in your name, birth date and email address (which the ShinyHunters claim to have stolen too), and it’s significantly easier for someone to pretend to be you.
Identity thieves could use that information to target both you and the banks, insurers and other companies you do business with. For example, they could use it to make phishing emails seem more realistic, helping to persuade you to give up additional sensitive information such as a password or personal identification number (PIN). Or they could use it to dupe your bank into letting them change the password on your account, giving them access to your money.
The T-Mobile breach also exposed the phone numbers, device identifiers and SIM-card numbers…