You hear about data breaches happening to all types and sizes of businesses, from local dental clinics to the big credit reporting agencies. The discomforting part is the privacy of our data depends on the companies with which we share it. Sometimes those companies share data with third-party vendors we don’t even know about.
When a company’s records are lost or stolen, your sensitive information—like your Social Security number or bank account information—can land in the hands of an identity thief. The thief can use your information to siphon money from your bank account, gain access to your credit cards, or create new accounts in your name. As a result, your credit reports may be blemished and you could start receiving phone calls from collection agencies.
What You Should Know
If a data breach occurs at a company, state laws typically require the business to notify affected customers within a certain amount of time or be subject to a fine. All 50 states, the District of Columbia, Guam, Puerto Rico, and the Virgin Islands now have data breach laws. Sometimes companies that have had a data breach will offer to pay for six to 12 months of credit monitoring for affected individuals. While this is something the Federal Trade Commission recommends to businesses that have suffered a data breach, it isn’t a requirement.