Recent high-profile government data breaches add to the long list of cyber attacks putting consumers' information at risk. Given the scale of such attacks, "you have to assume we're all going to be victims at some point," says Neal O'Farrell, security and identity theft expert at Credit Sesame, a consumer credit advice Web site. "The focus has to be on detecting it early and minimizing the damage."
Both the IRS and the U.S. Office of Personnel Management announced in recent weeks that they have been targeted by cyber crooks. The IRS said in late May that hackers had gained unauthorized access to information on roughly 100,000 taxpayers. And OPM said in early June that personal information of about 4 million current and former government employees may have been stolen. These attacks come on the heels of other large-scale data breaches in the private sector, such as at health insurer Anthem.
While consumers can't prevent data breaches, they can wrap some barbed wire around their personal information. Your first step: Change your passwords often, and make them complex. Services such as 1Password (www.agilebits.com) and Dashlane (www.dashlane.com) can help you generate strong passwords and change them quickly.
From just $107.88 $24.99 for Kiplinger Personal Finance
Become a smarter, better informed investor. Subscribe from just $107.88 $24.99, plus get up to 4 Special Issues
Sign up for Kiplinger’s Free Newsletters
Profit and prosper with the best of expert advice on investing, taxes, retirement, personal finance and more - straight to your e-mail.
Profit and prosper with the best of expert advice - straight to your e-mail.
If you don't want to use one of these password managers, O'Farrell suggests this trick: Think of a sentence about a memorable past event and pull out the first letter of each word, maintaining the upper and lower cases, and all the numbers. "I graduated from Springfield High School in May 1964," for example, would give you the password IgfSHSiM1964.
Next, ask your bank, credit card issuer and other organizations you deal with online whether they offer "multifactor authentication" -- a security system that requires multiple steps. After you enter your password, for example, a bank could send a text to your smartphone with a code that lets you access your account. That way, even if a cyber thief gets your password, he still will not be able to access your account because he won't have your phone. Besides big financial institutions, e-mail providers such as Google's Gmail and social media sites such as Facebook offer this security.
Keep a Close Eye on Your Accounts
Monitor your credit report and all accounts closely. Request a free credit report at www.annualcreditreport.com. Services such as BillGuard (www.billguard.com) and Mint (www.mint.com) can help you monitor transactions across all your accounts. "Don't ignore small transactions you don't remember," says Becky Frost, senior manager of consumer education at credit reporting company Experian. Often, she says, a thief will make a small transaction to be sure an account is open before going further. "If it's something you don't recognize, alert your bank immediately," she says.
Don't rely on your bank to flag suspicious activity. Generally, "bank systems are set up to detect out-of-pattern spending," such as an Iowa resident making transactions in France, says Adam Levin, chairman of IDT911, which helps businesses prevent data breaches. But thieves can pair stolen account information with zip codes, so "as long as purchases are in the realm of what you normally do, banks may not pick it up,"
he says. "Look at your accounts on a daily basis."
Be stingy with the information you share online, over the phone or in person. Doctor's offices, sports clubs and other organizations may ask for your Social Security number as a simple way of identifying you, but in many cases, they really don't need this information, Frost says. Ask if they can use another identifier.
Online, "it's completely fine to post pictures of your cat" on social media sites, Frost says. "But make sure 'Fluffy' isn't the security question that unlocks your account." When using e-mail, don't click on links or call phone numbers contained in messages purporting to be from your bank or credit card company. Look at the back of your debit or credit card to find the phone number you should call.
-
Dow Adds 646 Points, Hits New Highs: Stock Market TodayIt was "boom" for the Dow but "bust" for the Nasdaq following a December Fed meeting that was less hawkish than expected.
-
5 Types of Gifts the IRS Won’t Tax: Even If They’re BigGift Tax Several categories of gifts don’t count toward annual gift tax limits. Here's what you need to know.
-
The 'Scrooge' Strategy: How to Turn Your Old Junk Into a Tax DeductionTax Deductions We break down the IRS rules for non-cash charitable contributions. Plus, here's a handy checklist before you donate to charity this year.
-
Seven Things You Should Do Now if You Think Your Identity Was StolenIf you suspect your identity was stolen, there are several steps you can take to protect yourself, but make sure you take action fast.
-
The 8 Financial Documents You Should Always ShredIdentity Theft The financial documents piling up at home put you at risk of fraud. Learn the eight types of financial documents you should always shred to protect yourself.
-
How to Guard Against the New Generation of Fraud and Identity TheftIdentity Theft Fraud and identity theft are getting more sophisticated and harder to spot. Stay ahead of the scammers with our advice.
-
12 Ways to Protect Yourself From Fraud and ScamsIdentity Theft Think you can spot the telltale signs of frauds and scams? Follow these 12 tips to stay safe from evolving threats and prevent others from falling victim.
-
Watch Out for These Travel Scams This SummerIdentity Theft These travel scams are easy to fall for and could wreck your summer. Take a moment to read up on the warning signs and simple ways to protect yourself.
-
Amazon Resale: Where Amazon Prime Returns Become Your Online BargainsFeature Amazon Resale products may have some imperfections, but that often leads to wildly discounted prices.
-
How to Guard Against Identity Theft in 2025Scammers are getting better at impersonating legitimate businesses.
-
Roth IRA Contribution Limits for 2026Roth IRAs Roth IRAs allow you to save for retirement with after-tax dollars while you're working, and then withdraw those contributions and earnings tax-free when you retire. Here's a look at 2026 limits and income-based phaseouts.
