Data Breach: What It Is and Why You Should Care
What is a Data Breach?
A data breach happens when unauthorized parties gain access to confidential personal information stored by an organization. What is considered personal information depends on state law but typically includes an individual’s first name (or initial) and last name plus one or more of the following:
§ Social Security number
§ Driver’s license number or state-issued ID card number
§ Account number, credit or debit card number, combined with any security code, access code, PIN, or password needed to access an account
Typically, digital accounts and information come to mind–but a data breach can happen to physical records as well. And, while we generally consider data breaches to be tied to criminal endeavors, a data breach can be accidental and without malicious intent. Accidents happen!
Why Should You Care?
The consequences of a data breach can be severe. Once your personal data is exposed, criminals may use it to:
• Open fraudulent accounts in your name
• Steal your money or make unauthorized purchases
• Commit tax or medical identity theft
• Access your online accounts, including email and social media
• Sell your information on the dark web
Even if you’re not directly targeted, a breach involving your data can cause long-lasting damage and stress.
What Happens Next?
“It’s just part of life now,” we might say. Or “It’s a risk of being online in 2025.” However, we can do more than cross our fingers and hope we aren’t impacted by the next data breach. While it can be easy to feel helpless, it’s important to stay aware and help protect yourself.
Immediately after receiving a data breach notification in your inbox or hearing about a retailer breach that might affect you, it’s important that you act quickly to help secure your information and mitigate any potential damage.
What to Do if You’re Affected
If you learn your personal information has been breached, to help protect yourself in the case of future data breaches, the following actions can help you save time and money for the inevitable next time:
1. Don’t reuse passwords.
Even if the data breach notification you receive is for an account you don’t use anymore, so it doesn’t have your current credit card information, you might have used a password that you’re still using on other sites. Hackers know there’s a good chance you’re using the same password on multiple platforms. If they access your old gaming password from college, they might also be able to use it to log in to your current financial accounts.
2. Turn on multi-factor authentication (MFA) whenever it is available.
Accounts that offer MFA provide extra security by requiring additional forms of identification beyond a password to log in to an account, such as a passcode or secret key obtained via text or email. This will help keep your account secure even if your password is compromised.
3. Keep a close eye on your credit report.
It can often take months for a company to find out that their customers’ data has been stolen and then communicate the information to their users. By then, your personal information could have already been sold on the dark web and used to open lines of credit before you have even been notified of the risk. Federal law entitles you to a free copy of your own credit report at least once every 12 months from each of the three main consumer credit reporting agencies: Equifax, TransUnion, and Experian. Reports can be requested at annualcreditreport.com or by calling 1-877-322-8228.
4. Consider placing a fraud alert.
If you’ve been impacted by a data breach, you may also consider placing a fraud alert on your credit report. An initial fraud alert is free and will stay on your credit file for at least 90 days. The alert informs creditors of possible fraudulent activity within your report and requests that the creditor contact you prior to establishing any accounts in your name. Additional information is available at http://www.annualcreditreport.com.
Next time you receive a notification about a possible data breach, follow the steps above, both to put a stop to harm that may have already begun and to make it much more difficult for them to impact you in the future.
If you or a family member worry that you have become a victim of identity theft after a data breach or another fraud event, do not hesitate to reach out to one of our Identity Theft Recovery Advocates that are available to you as an <EMBEDDED ACCOUNT> account holder. They can help you assess what information has been compromised and quickly begin the process of recovering any losses that have occurred.
Text Scams Cost Americans $470 Million In 2024
WASHINGTON—In 2024, consumers reported losing $470 million to scams that started with text messages, new data from the Federal Trade Commission show.
This amount is five times higher than what was reported in 2020, even though the number of reports declined, the FTC said.
The most commonly reported type of text scam was fake package delivery, where scammers send alerts about a supposed issue with an incoming delivery. Bogus job opportunities were also common, including “task scams,” which involve promises of online work requiring people to complete a series of online tasks and end up with requests for people to invest their own money.
Other text message scams reported frequently were fake “fraud alert” messages sent to consumers warning about a suspicious purchase or an issue with their bank; warnings about fake unpaid tolls with a link to pay them; and “wrong number” scams that start as a seemingly misdirected message. Wrong number scams often evolve into a conversation with romantic undertones that can lead to investment and other scams, the FTC said.
Have you set up your internal code word to be used when you call the Credit Union?
We are advising all members to do so. A code word is something you and only you will know. When you call the NH Postal Credit Union for account information, we will ask you this code word for verification. Call and speak to a Member services representative today!
What are some classic warning signs of possible fraud and scams? *
There are several signs that indicate you might be dealing with a scammer, and several steps you can take to protect yourself and others.
Criminals and con artists use many scams to target unsuspecting people—of all ages—who have access to money. Consumer scams happen on the phone, through the mail, e-mail, or over the internet. They can occur in person, at home, or at a business.
Warning signs include contact from someone:
Claiming to be from the government, a bank, a business, or a family member, and asking you to pay money.
Asking you to pay money or taxes upfront to receive a prize or a gift.
Asking you to wire them money, send cryptocurrency, send money by courier, send money over a payment app, or put money on a prepaid card or gift card and send it to them or give them the numbers on the card.
Asking for access to your money-such as your ATM cards, bank accounts, credit cards, cryptocurrency wallet keys or access codes, or investment accounts.
Pressuring you to "act now" or else the deal will go away, or trying hard to give you a "great deal" without time to answer your questions.
Creating a sense of urgency or emergency to play on your emotions.
Here are some tips to protect yourself from scams:
Don’t share numbers or passwords for accounts, credit cards, or Social Security.
Never pay up front for a promised prize. It’s a scam if you are told that you must pay fees or taxes to receive a prize or other financial windfall.
After hearing a sales pitch, take time to compare prices. Ask for information in writing and read it carefully.
Too good to be true? Ask yourself why someone is trying so hard to give you a “great deal.” If it sounds too good to be true, it probably is.
Watch out for deals that are only “good today” and that pressure you to act quickly. Walk away from high-pressure sales tactics that don’t allow you time to read a contract or get legal advice before signing. Also, don’t fall for the sales pitch that says you need to pay immediately, for example by wiring the money, sending it by courier or over a payment app, or by sending cryptocurrency.
Beware when someone plays on your emotions or claims there’s an urgent situation. Advances in artificial intelligence make it easier for scammers to clone voices and alter images to make it seem like someone you know needs help. Contact the person yourself to verify the story. Use contact information you know is theirs. If you can’t reach them, try to get in touch with them through another trusted person, like a family member or their friends.
Don’t click on links or scan QR codes. These can take you to scammers’ malicious websites or give them access to your device.
Put your number on the National Do Not Call Registry. Go to www.donotcall.gov or call (888) 382-1222.
* Consumer Financial Protection Bureau
Report Fraud:
In October 2020 the FTC launched ReportFraud.ftc.gov a site for people to report fraud and other illegal business practices. Reports from consumers are stored in the Consumer Sentinel Network, a secure online database available only to law enforcement.
IRS Identity Theft Awareness
The IRS Identity Theft Awareness
The Internal Revenue Service (IRS) has launched its “Identity Theft Central” webpage to provide 24/7 access to online information regarding tax-related identity theft and data security protection. Tax-related identity theft occurs when someone steals personal information to commit tax fraud.
StayConnectedNH ! Sponsored by NH Credit Unions/ Better Values - Better Banking
Isolated and vulnerable, more than 3 million older Americans are victims of financial abuse every single year.
Today, a new tool is added to the arsenal to protect New Hampshire’s vulnerable populations by raising awareness of financial exploitation in the Granite State: StayConnectedNH.org.