Are Your Business and Clients at Risk for Identity Theft?

According to The Identity Theft Research Center (ITRC) Annual Data Breach Report, 2023 had a record high number of data compromises in the U.S. in a single year. This represents a 72% hike from the previous all-time high number of compromises set in 2021.

Luckily, there are measures businesses can take to better protect themselves and their clients. Before you can start being proactive, you need to understand how identity theft happens, what it can do to your business, and how to secure your information against the most common cyber threats.

How Does Identity Theft Happen?

Identity theft happens when someone gains access to sensitive information, like Social Security numbers, birthdates, debit PINs, and other data, to willfully commit fraud. They may try to open new credit accounts, use information to apply for loans and other lines of credit, or rack up charges and debt all associated with stolen information.

Identity theft can happen in many ways. One common technique, called “phishing,” occurs when you receive a message from someone trying to trick you into providing sensitive data like financial information or account passwords. Fraudsters can also access information by stealing mail or collecting personal information through phony websites or data breaches. In fact, 64% of companies have experienced web-based attacks, and 43% of cyber attacks target small businesses.

How Often Does Identity Theft Happen?

According to its annual fraud report, the Federal Trade Commission received over 1 million identity theft reports in 2023. Unfortunately, many businesses don’t detect identity theft until the damage has already been done. That’s why it’s important to be proactive and take steps to reduce risk.

How to Minimize The Risk of Identity Theft

Safeguarding your business and the information you collect from clients is crucial. Here are some tips:

1. Create Unique Passwords for Each Account

   Make it as difficult as possible for cybercriminals to access online information. Create unique passwords with a combination of capital letters, numbers, and symbols for each account you have online, and avoid reusing or sharing passwords. This makes the password itself more difficult to guess.

2. Don’t Leave Mail Sitting in the Mailbox

   One of the easiest ways for people to access sensitive data is by intercepting mail. If you receive paper credit card or bank account statements, make sure to pick up your mail deliveries as quickly and often as possible. You can also enroll in paperless billing and statements to further protect your business.

3. Shred Old Documents With Sensitive Information

   Don’t toss old documents in the trash. If you do, you increase the risk of identity thieves intercepting your sensitive information. Instead, buy a paper shredder to destroy financial data before throwing it away.

4. Always Use a Secure Wi-Fi Network

   Internet-enabled devices are not always the most secure technologies. Before you make an online purchase or enter sensitive details on a website, make sure you’re connected to a secure Wi-Fi network. If you’re out and about, use your mobile phone network instead of a public Wi-Fi connection.

5. Only Make Purchases From Trusted Websites

   One of the most common scams cybercriminals run is tricking people into buying from a sham website designed to take your money or steal your credit card information. Before you make a purchase online, research the website. See what others have to say about their products, shipping times, return policies, and customer service. If you see nothing but negative reviews, it may be time to shop elsewhere.

What to Do if Customer Information Has Been Compromised by a Cyber Attack

If you suspect that customer information has been compromised due to a cyber-attack, it is crucial to act swiftly to mitigate the damage and protect your clients. Here are the steps you should take:

1. Contain the Breach: Immediately secure your systems to prevent further unauthorized access. This may involve disconnecting affected systems from the network, changing passwords, and applying security patches.
2. Assess the Damage: Determine the scope of the breach by identifying which systems and data have been compromised. This will help you understand the potential impact on your customers.
3. Notify Affected Customers: Inform your customers about the breach as soon as possible. Provide them with details about what information was compromised and what steps they should take to protect themselves, such as monitoring their accounts for suspicious activity and changing passwords.
4. Report the Breach: Notify relevant authorities, such as law enforcement and regulatory bodies, about the breach. This may include the Federal Trade Commission (FTC) and state attorney general offices.
5. Offer Support: Provide affected customers with resources to help them recover from the breach. This may include offering credit monitoring services, identity theft protection, and guidance on how to secure their information.
6. Review and Improve Security Measures: Conduct a thorough review of your security protocols and practices to identify any weaknesses that may have contributed to the breach. Implement stronger security measures to prevent future incidents.
7. Communicate Transparently: Keep your customers informed about the steps you are taking to address the breach and improve security. Transparency can help rebuild trust and demonstrate your commitment to protecting their information.

Extend Your Business Insurance with Cyber Liability Coverage

Protect your business from identity theft with additional coverage on your business insurance policy. The right protection can help pay for the services needed to take back and secure your business information, any lost income for time taken off work to address the issues, and expense reimbursement incurred because of the theft. Contact an insurance agent today to discuss the details.

*Originally published on December 9, 2021