Millions of AT&T Customers Exposed in Latest Major Data Breach: Here’s How to Protect Yourself

128

In the steady march towards a fully digitized world, data breaches have become a grim regularity. The case in point, the recent breach impacting millions of AT&T customers, signifies an unnerving trend. As our existence moves inexorably online, the private details of our lives – email addresses, phone numbers, birth dates, and even our unique passcodes – stand ever more exposed, susceptible to inadvertent disclosure or outright theft.

In malevolently orchestrated data infringements, cyber miscreants leverage filched information to single out individuals for phishing decoys, or commit identity theft by applying for loans or credit cards under the victims’ names.


How then do we shield ourselves from such cyber onslaughts?

The first step is exercising awareness. Although there isn’t a federal mandate in the U.S. imparting upon organizations the onus to issue notifications during data breaches, it is generally considered standard procedure to apprise those affected and often offer identity protection services, noted Oren Arar, the vice president of consumer privacy at the cybersecurity firm, Malwarebytes.

Across the Atlantic in the European Union, the bloc’s privacy regulations decree the disclosure of certain types of breaches, rendering the situation slightly more favorable. Post the disclosure of a breach, cybersecurity savants emphasize the need to stay alert and be on guard for phishing, and acquaint oneself with other forms of social engineering traps, such as seemingly legitimate emails or phone calls claiming to offer help or originating from the breached entity.

How can one decipher the veracity of such overtures? Reach out directly to the company or the organization in question to verify the claim. But make sure to use their official website, smartphone application, or social media mediums; steer clear of links or contact details embedded in the messages you receive.

A valuable resource for identity theft victims is the Federal Trade Commission’s website, identitytheft.gov, providing step-by-step advice to navigate through potential scenarios and bounce back.

In the unfortunate event of your data being laid bare, urgently change the password for the compromised account. Opt for a robust password comprising a mix of letters, numbers, and symbols. The lengthier, the better, with some experts endorsing the 16-character mark. Implement multifactor authentication, which demands an additional layer of approval in the form of either a code sent via text or email, or the insertion of a unique USB key into your device.

However, if you’ve been using the same or a similar password across various websites and online accounts, modify it at once. If one of your passwords is exposed, hackers will be quick to try that password on your other accounts, gaining unhindered access. A password manager could be instrumental if you find it challenging to remember all your diverse credentials.

“Just because your information is caught in a breach, doesn’t necessarily mean your identity’s been purloined, or your money, snatched. But it does catapult you into a risk zone,” Arar mentioned. The prudent approach involves monitoring your credit for new accounts, changing compromised passwords, resorting to multifactor authentication, and maintaining a distinct ‘junk’ email for lesser-important sign-ups.”

Keeping your eye on the occurrence of data breaches can be a task, given their widespread prevalence. Tools like the ‘Have I been Pwned,’ a complimentary website displaying if your email has been caught in a data breach, and Malwarebytes’ ‘Digital Footprint Portal,’ which checks if your information has been posted on the dark web, can be of great help.

“Whenever public data breaches transpire, cybercriminals amass as much data as conceivable to sell it on the dark web,” informed Darren Guccione, CEO of Keeper Security, a firm that develops password protection software and offers a tool named BreachWatch, scanning the dark web for your personal information.

If your card payment was compromised, get in touch with your bank or credit card company immediately, ask them to flag any doubtful activities, and presumably, procure a new card on the double. Some banking and credit card applications allow for instant account locking and transaction freezing.

Additionally, credit agencies, major ones being Equifax, Experian, and TransUnion, should also be apprised. They can freeze your credit, hampering the opening of new accounts or call into effect a fraud alert, which will act as a caveat added to your credit report propelling lenders to contact you before going ahead with the lending process.

Take pains to exercise heightened caution in case telephone companies, like AT&T in the present scenario, suffer a breach and you’re a customer. This puts you at risk of a ‘simjack,’ where malefactors could steal your phone number and access other accounts employing that number for multi-factor authentication via text messages.

To thwart such attempts, AT&T suggests setting up an exclusive passcode to prevent blatant account alterations such as porting numbers to another carrier service. Additionally, diligently remove phone bills, bank statements, and other messages containing personal info from your email account, so that if felons pilfer access to your inbox, they won’t be able to utilize that information to bypass security checks.