A recent report by the U.S. Marine Corps indicates an unintended data disclosure, the result of a single accidental keystroke. Never backing down from a fight, learn from Jarheads how to best defend yourself from a data breach and strengthen your position!
Have you ever thought twice about clicking “send” after drafting an email? We’re sure you have; everyone has. The most common reasons involve editing the text for clarity, context, or tone. Sometimes you verify the email addresses for the “to” field. These are all great measures that everyone can — and should — take before sending an email, especially one with sensitive data enclosed.
Yet, accidents happen. A recent accidental keystroke shared an email to an incorrect distribution list, which included the unencrypted personal data of more than 20,000 U.S. Marines, their families, and civilians. Social security numbers, bank details, credit card information, home and mailing addresses, and emergency contact information were all disclosed. Does this fall under the label of “data breach” if the disclosure was part of an “oops” and not a cyber attack?
Marine Forces Reserve spokesperson Andrew Aranda has said the Marines’ IT staff is reviewing cybersecurity and information assurance processes to update their overall guidelines and to better train team members at every level. More importantly, this was an accident without malicious intent, and a cybersecurity vulnerability was not the cause. Additionally, the United States Armed Forces branches fully understand the great responsibility to protect highly-confidential personally identifiable information (PII) stored in their records and a lengthy history of excellence in this arena.
More than 20,000 individuals will now need to diligently check their credit report on a regular basis to ensure this disclosure doesn’t leave them open to identity theft. Add to this number the family members potentially impacted, and the full amount affected could double or triple. This is a story too well-known by millions of Americans in recent years. Customers of Anthem, Target, eBay, and The Home Depot are just a few examples of organizations whose customers have been impacted by data breaches. Cybercriminals and cyberterrorists — hackers — are just waiting for a weakness to exploit. This introduces two key questions:
How aware are the individuals behind this incident of security protocols and risks? The basic information assurance training from as recent as a year ago isn’t current for today’s needs as a means of self-awareness and protection.
The focus of information assurance is on the security of data. While “protection of data” may not be the first concept that comes to mind when you think of the United States armed forces, the protection of its people is an inherent byproduct of its very nature. The military does not operate in the same ways as Corporate America, with many factors contributing to the differences. One thing is certain: the military takes its duty to serve and protect American citizens very seriously and is dedicated to assisting those impacted.
How can consumers protect themselves?
As we already mentioned, check credit reports regularly. Once a cybercriminal has a name, address, and a few pieces of personal information, this data can be used to misrepresent an identity online.
Aside from checking credit reports, we strongly suggest changing all passwords. Most importantly, start with changing passwords for online banking, credit cards, email, and social media accounts. After these, move on to seemingly innocuous accounts like the United States Post Office and those for magazines or local newspapers, with active subscriptions.
In this case, credit card numbers were included in the disclosed data. It’s a huge pain, but it’s worth it in the long run for protection to report the accounts as compromised and have new card numbers issued.
Every day brings a story of new ways hackers use to access PII of consumers and how this information is used to their advantage – and to the detriment of the consumers affected. Consumers need to regularly assess their risk and do their best to eliminate the unknown, where possible by taking these measures to protect themselves. Maintaining a realistic perspective on this risk will be instrumental as “an ounce of prevention” here.
In modern days of digital communication, we can never be too careful as hackers are becoming far more sophisticated and staying one step ahead of consumers. Imagine if cybercriminals used their power for good!
Don’t let one mistake cause years of hassles and headaches – talk to an expert if you think you’ve been compromised in this or any other data breach, and protect yourself.