Washington State

Office of the Attorney General

Attorney General

Bob Ferguson

If you shop, play video games or blog, your information may have been compromised as part of a recent pile-up of data breaches.

cybercrimePrivacy Rights Clearinghouse has tracked 202 breaches so far in 2011. Here are a few:

  • Michaels Stores are reporting a security breach affecting the debit cards of customers in Washington and 19 other states. According to the Chicago Tribune, “Michaels' checkout-line swipe terminals were probably tampered with or swapped out for other machines by thieves who stole account numbers and secret PIN codes, experts say. As a result, Michaels customers have reported having money taken from their bank accounts, often in the amount of $503, and often at cash machines in California.”
  • Sony reported that a hacker stole personal information belonging to 77 million customers of its PlayStation Network.  As many as 12 million credit card numbers might have been included, including 5.6 million belonging to U.S. customers. It’s unclear. Cyber criminals also reportedly accessed an additional 24 million accounts of Sony Online Entertainment users.
  • LifePass, a company designed to keep your passwords to multiple sites safe, failed to do that. The company says hackers may have gotten snatched information from up to 1.25 million customers, Bloomberg reports.
  • Hackers accessed several of WordPress' servers. All information on the servers could have been accessed. Source code, API keys and social media passwords may have been exposed. Blog comments from WordPress spokespeople reveal the stage of the investigation and that phone numbers and financial information were unlikely to have been exposed.
  • Millions of customer e-mail addresses were stolen from Epsilon’s computers. Blogger Brian Krebs has compiled a list of companies that have acknowledged losing customer contact data, including Capital One, U.S. Bank, Target, Kroger, Moneygrram, TiVo and Verizon, just to name a few.

So what now? Here’s what to do to minimize the chance a thief makes off with your money or destroys your credit history:

  • Accept offers of free credit monitoring services from the companies that experienced breaches, but don't consider these services foolproof. And note on your calendar when the free monitoring period ends, so that you aren't automatically charged for continuing such services.
  • Put a security freeze on your files at the three credit reporting agencies if there is a chance that a data breach includes your Social Security number. At the minimum, place a fraud alert. Instructions for both can be found here.
  • Monitor credit and debit card accounts online and report any unauthorized credit or debit transactions.
  • Watch out for e-mail and phone scams that try to convince you to provide personal information.
  • Change user names and passwords on any accounts you know have been breached.

Related All Consuming posts:

Don’t be stabbed by a spear phisher

Phishing attacks likely to follow Epsilon breach

Credit card data possibly stolen from PlayStation and Qriocity users


Recent Posts

Blogroll & Consumer News

Product Recalls