Each time there’s a high-profile data breach, security experts exhort the same best practices: Create unique logins for every service you use, use complex passwords, vigilantly comb your credit card statements for anomalies. The advice is sound. Unfortunately, it obscures the fact that the safety of your personal information is ultimately in the hands of companies you share it with.
Identity theft is changing. Customer databases are a treasure trove of personal information and much more efficient for hackers to target than individuals. In this new landscape, the guidelines security experts—and journalists like me—espouse are really just damage-control measures that minimize the impact of a successful attack after the fact, but do absolutely nothing to protect your personal data or financial information from the attack itself.
To read this article in full or to leave a comment, please click here