Wednesday, November 4, 2015

For Cybercriminals, Data Breaches are about Quality over Quantity

When the average data breach victim receives a notification letter about a big company losing their personal information, he or she probably has no clue what the potential consequences actually are. Of course it’s never a good thing when criminals get their hands on your sensitive information, but the severity of the data breach from the victim’s perspective depends on what was actually stolen by the hackers. For example, it may surprise you that your stolen credit card information is some of the least valuable data in the cybercriminal market, due to the banking world’s ability to cancel or change that information quickly.

However, the most valuable information to cybercriminals is your personal information that cannot be changed quickly—such as your address, phone number, social security number, and driver’s license number. Hackers sell this personal information to other cybercriminals that in turn use it for a myriad of illegal activities and cause countless problems for the victim. For cybercriminals, a complete set of personal information for one victim is usually much more valuable than having partial sets of information for dozens of victims.

This is why it is so important for companies that have experienced a data breach to be entirely transparent about exactly what information was taken from them. Many states have adopted laws requiring companies that failed to protect personal information to promptly notify all victims of the breach. 

Unfortunately, in a lot of instances these companies send the notification letters, but they try to downplay the severity of the breach, which gives the victims a false sense of security when they should actually be taking steps to protect themselves from potential identity theft. The victims have to know exactly what information of theirs was lost in order to effectively protect themselves.

To learn more about how personal information from a data breach is valued and exploited in the cybercriminal world, follow this link to a well-written article:



If you have been notified that your personal and private sensitive information has been compromised in a data breach, please contact Chris Hellums at 1-866-515-8880 or by email at chrish@pittmandutton.com today to discuss your legal rights.