As we approach the winter holidays and the final weeks of 2013, two things have come together recently that underscore the dangers everyone faces now to their personal information. These events highlight that we’re increasingly in a world where best practices for everyone now needs to include real time identity theft monitoring.
First, our CTO, Raimund Genes released his annual predictions about what he thinks might happen in 2014, “Blurring Boundaries: Trend Micro Security Predictions for 2014 and Beyond”, which includes his prediction that we will see “One Major Data Breach Each Month.”
Second, as if to prove the truth of that prediction early, we’ve learned that Target, a major retailer in the United States, is confirming a large data breach that occurred from November 27 through December 15 affecting credit and debit care information of up to 40 million customers. In essence, one of the largest retailers in the United States was successfully attacked for 2 ½ weeks at the height of the shopping season.
The Target situation is still developing: we don’t know how many credit and debit cards are actually abused. But for now, the story is enough to concern anyone that shopped in-store at Target during that time.
And the news from Target should cause the retail and online security and privacy industries to take note. If an organization of the size and sophistication of Target and with the resources available for security can be compromised like this, it shows that big breaches like this will continue and likely continue to get worse.
As Raimund says, you can expect big breaches like this once a month now.
This means it’s time for all of us to start looking at real time identity theft monitoring as a necessary best practice just like real time security software on our computers and devices. The amount of personal information that’s out there combined with the increasing successes that attackers are having breaching defenses to get that data means that not only is it dangerous not to check your credit reports regularly for suspicious activity, but that we need to be running near-continuous checks on those reports. I have friends who have been the victims of identity theft and can attest that the longer the crime goes unnoticed, the harder it is for the victim to undo the damage.
The other argument to be made is peace of mind in the face of these incidents. Knowing that you have continuous monitoring in place can help mitigate the sense of panic and worry that can arise in the early stages of situations like this with Target. While they are figuring out who may or may not be affected, you can know that you at least have the protection of real time monitoring to help you if you were affected. It’s not bulletproof, but it’s better than nothing.
There was a time when people didn’t think they needed real time security software. But over time attacks became frequent and successful enough that most people now agree it’s necessary. We are at a similar tipping point regarding real time identity theft monitoring. As we look to 2014 with the prospect of one of these events a month, I certainly wouldn’t want to go into the new year without that protection.