NuData Security
  • Solutions
    • NuDetect for Continuous Validation
    • NuDetect for Good User Validation
    • NuDetect for Account Takeover
    • NuDetect for Card Testing
    • NuDetect for OAO
    • Smart Interface 3DS 2.0
    • Trusted Device
  • How It Works
    • Layers
      • Device Intelligence
      • Behavioral Analytics
      • Passive Biometrics
      • Trust Consortium
    • Interdictions
    • Integration
    • Connected Intelligence
  • Use Cases
    • Account Takeover
    • Good User Validation
    • Card Testing
    • Automated Attacks
    • New Account Fraud
    • Loyalty Fraud
    • Success Stories
  • Industries
    • Banking & Financial
    • eCommerce
    • Digital Goods
    • Healthcare
  • Resources
    • Articles
    • Blog
    • Brochures & Datasheets
    • Case Studies
    • Infographics
    • Videos
    • Webinars
    • White Papers & Reports
    • COVID Resources
    • FAQ
  • Company
    • Privacy by Design
    • Awards & Accolades
    • Careers
    • Events
    • News
    • Partners
    • Press Releases
  • Contact Us
  • Demo
  • Search
  • Menu
  • Twitter
  • Linkedin
  • Youtube
personal information spilling the beans

PII and the impact of exposure – When beans are spilled all over

Almost 179 million records containing personal information were disclosed during 1,579 data breaches in 2017, according to the Identity Theft Resource Center and CyberScout.

These numbers represent a 45% increase over 2016. They also mean that nearly everyone in the U.S. has had their personal information exposed and that it will end up in the hands of cybercriminals in the near future – if not already. What was once an infrequent occurrence has now become an epidemic.

The Identity Theft Resource Center has been tracking breaches since 2005, and each year, the number of breaches has been growing but, in 2017, it exploded. The rising number of data breaches is directly linked to the escalating fraud losses from account takeover, synthetic identities, identity theft, and other types of fraud.

Data thieves sell this personal information from breaches to aggregators, who cross-reference and compile full identities on the data black market – called “fullz” or synthetic identities. This increases the value and usefulness of the stolen data, which may have been gathered over multiple data breaches. With this level of information, fraudsters can create new bank accounts or take out loans under a real person’s name. They can even access a customer’s account and transact impersonating the legitimate user. When these actions take place, they cannot be traced back to the fraudster and can cause severe and lasting harm to the fraud victim for years down the road.

When it comes to social media, consumers need to be careful about what is posted on social network profiles. Status updates – upcoming travel plans, going out to a game, etc. – allows criminals to take advantage of every situation. If personal information like a phone number, birthday, your pet’s name, or school information is provided, cybercriminals can take this private information and use it for fraudulent transactions because banks and other agencies use precisely this information to verify customers.

A closer look

NuData Security data from its consortium shows that on average 40% of monthly logins are fraudulent. Account takeovers – accessing accounts with stolen credentials – increased from 12% to 77% of total logins in the first half of 2017 alone. Thirty-five percent of all new accounts were created with stolen identities.

It is now incumbent on online businesses, as well as consumers, to incorporate as many best practices as possible to secure individual identity and to fight fraudulent transactions. Consumers should use unique, strong passwords on all sites, and change them periodically.

They should also keep close tabs on their credit card statements and bank account transactions. Most institutions now allow customers to set account alerts that will provide timely notification of large dollar transactions, as soon as they are attempted. This puts the control into the customer’s hands: Monitor their accounts in real time, rather than waiting for their monthly statement to arrive in the mail – after the damage is done.

Alerting consumers about breaches and getting them to change passwords right away, however, is a losing proposition and, in the end, consumers themselves pay the consequences. Password management services help customers adhere to best password practices, but at the end, companies are the ones who can make a difference by choosing stronger authentication solutions.

Change is hard to do

The gauntlet has been laid, and now online companies have to reassess their fraud and authentication strategies continuously. The latest numbers on identity theft and fraud prove that online enterprises, banks, and retailers need to develop a new way to authenticate their customers online.

To fight fraudster’s growing sophistication, online businesses need to take an entirely different approach to digitally identify and verify legitimate customers. New technologies that combine layers of passive and physical biometrics into their mix are proving to be the most reliable.

This multi-layered approach can leverage the user’s natural actions combined with behavioral analytics and passive biometrics to give companies control over who their users are. While hackers will continue to steal passwords and credentials to access accounts, commit fraud or steal money, they are not able to replicate a person’s inherent behavior. It is equally important for companies to continually monitor the traffic in an environment and to adjust the rules when anomalous trends are detected.

Cyber attacks are growing in sophistication and businesses need to be ready for that. While it is increasingly hard to stay ahead of bad actors when it comes to breach protection, companies can take a different approach to customer and digital security by using these stronger authentication methods. This unique approach to authentication that looks at the user’s behavior devalues stolen PII data and protects companies from post-breach damage.   —

Related to this post: Are Millennials Not Worried About Fraud?

Authenticating on today’s breached world? Watch our webinar featuring Forrester analyst firm.

Want to read more posts like this? See our full blog here.

Tags: Account Takeover, ato, breach, personally identifiable information, PII
Share this entry
  • Share on Facebook
  • Share on Twitter
  • Share on Google+
  • Share on Pinterest
  • Share on Linkedin
  • Share on Tumblr
  • Share on Reddit
  • Share by Mail
https://nudatasecurity.com/wp-content/uploads/2018/03/Personal-information-–-Spilling-the-beans.jpg 837 1254 Robert Capps https://nudatasecurity.com/wp-content/uploads/2017/12/Nudata_logo-300x112.png Robert Capps2018-02-28 15:45:262018-07-03 15:25:01PII and the impact of exposure – When beans are spilled all over
15h

Read here: March is #FraudPreventionMonth and the best way to …

2 Mar

Read here: How many unique passwords do your users have? …

2 Mar

Read here: The economic instability, social unrest and operational disruptions …

25 Feb

Read here: How does designing accessible security relate to a …

24 Feb

Read here: Physical limitations, economic barriers, and low digital literacy …

Solutions

  • Solutions
  • NuDetect for Continuous Validation
  • NuDetect for Account Takeover
  • Success Stories

Company

  • Company
  • News
  • Press Releases
  • Events
  • Awards & Accolades
  • Partners
  • Careers

Use Cases

  • Use Cases
  • Account Takeover
  • Good User Validation
  • Automated Attacks
  • New Account Fraud
  • Loyalty Fraud

Industries

  • Industries
  • Banking & Financial
  • eCommerce
  • Digital Goods

Resources

  • Resources
  • Articles
  • Blog
  • Brochures & Datasheets
  • Infographics
  • Videos
  • Webinars

Contact us

Still have questions?

Call: +1 (604) 800-3711
Twitter Linkedin Newsletter Youtube
© Mastercard Technologies Canada ULC 2021 - Terms of Service - Privacy Policy
Scroll to top