A new report has revealed that a significant percentage of those who are affected by data breaches eventually become the victims of identity theft.
The study, conducted by Javelin, examined the 16 million individuals who were notified in 2012 that their payment information had been exposed as part of a data breach. Of these individuals, more than one-fourth - 4.4 million - later discovered that they had become targeted by cybercriminals who stole their identities.
The report also revealed that more than 320,000 Americans who were alerted that their bank account numbers had been compromised subsequently experienced fraud on their accounts.
"By breaching the data stores of businesses in the financial, healthcare and retail industries, criminals can obtain the fuel they need to execute various fraud schemes, and these crimes have crippling consequences," said Al Pascual, senior analyst of security, risk and fraud at Javelin Strategy & Research. "Identifying and protecting the sensitive information typically stored by these industries is essential for mitigating the risk of a data breach and, therefore, the risk of financial loss to data custodians, consumers and third-party businesses."
As these numbers demonstrate, many firms are not taking sufficient steps to protect their clients' data. Not only is this having a major impact on consumers, but it is also undoubtedly damaging the organizations themselves. Aside from the potential fines and other sanctions firms may face when they fail to abide by proper data protection standards, there is also the issue of damaged reputations. After all, as consumers become more aware of the dangers they face when their sensitive information is exposed, they are also becoming more likely to avoid firms that have a history of data protection failures.
For these reasons, the Javelin report offered a number of recommendations concerning how organizations can and should go about improving their data security abilities. Among the key points offered by the security firm are the need to locate and identify sensitive data, classify it accordingly and then take steps to ensure that this information is never vulnerable to exposure.
Well-considered policies are essential for this final step. For example, organizations should prioritize high-quality managed file transfer (MFT) solutions that have been designed with security in mind. These tools should be dependable, fast and easy to use, as this will maximize adoption and therefore security.