Coalition for Data Security issued its new guide First Do No Harm: How to respond when your consumer data is breached – a practical guide for action when consumers are involved in a data breach. It is designed to provide accurate information about the relationship between data breaches and identity theft so that consumers can protect themselves from possible consequences of a breach without causing more harm than good.
The First Do No Harm guide provides step-by-step advice based on the type of breach that occurs, such as:
- The “Identity Information” breach reveals a combination of name, Social Security number, and other personally identifiable information. Government and university breaches are frequently this type – groups that tend to lag behind the private sector on encryption technology and other security measures.
- The “Account Information” breach will include bank account numbers, credit or debit card numbers, or other financial information where a criminal could attempt to use the financial accounts directly. Extreme reactions such as credit freeze will do nothing to protect a consumer in these cases.
- The “Don’t Lose Sleep Over It” breach exposes things like names, addresses, phone numbers. This is no different than one’s information being in a phone book, and will not lead directly to identity theft or account fraud.
- Other Sensitive Breaches, such as insurance, cell phones, or other services. The amount of damage a criminal can cause will be limited to those services.