Hackers have proven time and again that no one is safe from their attacks, even members of Congress. In a recent incident, hackers gained unauthorized access to a healthcare marketplace for DC lawmakers and residents, resulting in the exposure of sensitive personal information such as Social Security numbers, birth dates, addresses, and phone numbers. This incident highlights the brazen and relentless nature of cybercriminals, who are constantly on the lookout for valuable data.
A report by IBM in 2021 revealed that personal identifiable information (PII) was included in 44% of all breaches studied, making it the most common type of records lost or stolen. This demonstrates the high value that hackers place on PII. Furthermore, the Identity Theft Resource Center’s analysis revealed that an estimated 89 million individuals in the U.S. fell victim to data compromises in the first quarter of 2023. These numbers clearly indicate that cybercriminals are not slowing down and that the protection of PII should be a top priority for businesses and government agencies.
To address this issue, businesses should carefully evaluate the information they collect from consumers and question whether they truly need certain data for identity verification purposes. For example, gyms may not require Social Security numbers for membership applications, and health providers may not need them if patients have insurance. By minimizing the collection and storage of PII, businesses can reduce their risk of being targeted by cybercriminals and potential liability in the event of a breach.
Consumers should also be vigilant and question why businesses require their sensitive information. They should ask how the information will be used, especially when it comes to providing their Social Security numbers or birthdates. By being proactive and cautious, consumers can play a role in protecting their personal information.
Additionally, the widespread adoption and use of verified digital identification can mitigate the risks associated with sharing sensitive information repeatedly. With verified digital IDs, individuals would only need to provide their personal information once for verification when their digital ID is created. Subsequently, they can present their digital ID instead of repeatedly sharing their sensitive information. This system reduces the likelihood of personal information falling into the hands of cybercriminals, thereby increasing trust in businesses and decreasing the risk for individuals.
However, despite the benefits of digital IDs, their usage is still not prevalent. Many verification and assurance processes continue to rely on analog methods. Nonetheless, as data breaches become more common and consumers seek alternatives to the storage of their information in multiple vulnerable locations, the demand for verified digital IDs is likely to increase. Businesses should anticipate this shift and be prepared to embrace it.
By reducing the amount of data collected and stored, businesses can significantly decrease the allure for hackers to target them. Embracing verified digital identification systems will further enhance data security, protect individuals’ privacy, and foster trust between businesses and consumers. As hackers continue their relentless pursuit of valuable information, it is imperative that organizations take proactive measures to safeguard PII and adapt to the changing landscape of cybersecurity.
About the Author:
Raj Ananthanpillai serves as the Founder and CEO of Trua, a company that specializes in privacy-preserving identity and risk-screening platforms. Trua’s solutions aim to ensure trust and safety in digital environments, sharing economy, employment, and workforce screening. For more information, visit Trua’s website at www.truame.com or connect with Raj on LinkedIn at https://www.linkedin.com/in/raj-ananthanpillai-endera/.