7 lessons from the eBay data breach
Someone asked me the other day for my thoughts on eBay’s announcement that hackers had stolen customer information, including email addresses and birthdates. My quick thoughts:* These cyberattacks will continue to happen. That means you should take precautions, including developing strong passwords. * Try not to reuse passwords. eBay has recommended customers change their password. If you’re using the same password elsewhere, you are vulnerable to ID theft and fraud through those other sites. * Sign up for account alerts. Alerts are one of the best ways to protect your online accounts. Email and text alerts give you timely notifications of activity on your account, which can help you react to suspicious or unauthorized activity quickly. * Keep your contact information up to date. Companies are generally pretty good about alerting customers when a cyberattack has occurred. Those alerts only work if they reach you. So make sure you keep your email address, phone number and physical address updated in your user profile to ensure you receive security alerts. * Don’t panic. Monitoring accounts is now a necessary responsibility for those of us who do a lot of buying, browsing and socializing on line. Review your online account details and transactions at least once a week (or more) to check for unauthorized or suspicious activity. Notify your financial institution immediately if you identify any unauthorized or suspicious activity. * Watch for phishing. Data breaches can be leveraged for social engineering, in which scammers manipulate people into divulging personal information. So in the wake of a breach like eBay’s, I encourage people to be particularly alert for attempts at phishing and vishing and the newer SMS texting-based variation, smishing. Customers should be cautious if anyone contacts them via phone, letter, SMS or email claiming to be eBay, PayPal or any company requesting for additional sensitive information. * Use password best practices. Take a look at my recent blog post on password tips.