Attorney General Lisa Madigan, Wednesday, Aug. 27, alerted Illinois businesses and residents to a disclosure by the Department of Homeland Security that over 1,000 U.S. businesses were hit by hackers in the same types of data breaches reported by Target and other major retailers.
Madigan is leading investigations into large data breaches reported in the past year by Target, Neiman Marcus, Michaels Stores, eBay and Sony. Last week, the Department of Homeland Security disclosed that over 1,000 other businesses across the country were affected by the same kinds of cyberattacks that hit those large retailers, potentially affecting millions more consumers nationwide than previously known.
“Unfortunately, it is not a matter of if but when you will become a victim of some sort of cybercrime,” Madigan said. “Taking commonsense precautions and making them routine can greatly reduce the threat and any damage done by a data breach.”
Madigan reminded affected companies that state law requires them to promptly notify customers that their personal data has been compromised in a data breach. She also urged businesses with Illinois customers to ask their IT professionals to check their point of sale systems for the types of malware that the Department of Homeland Security says have been discovered. In addition, businesses should:
- Ensure their antivirus software is updated and able to scan for malicious software;
- Require employees to create strong network passwords that include numbers, letters and symbols;
- Require regular employee password changes;
- Lock out network access after a set number of unsuccessful login attempts; and
- Limit remote network access as much as possible.
Madigan also emphasized what Illinois residents can do to better protect their personal and financial information:
Set up transaction alerts on your accounts to receive notifications when your credit or debit card is used above a certain dollar amount, so if someone uses your card without authorization, you’ll receive a text message or email and can immediately call your card issuer to dispute the charge.
Regularly review your bank and credit card statements to make sure there are no unauthorized transactions. Contest any unauthorized charges immediately by contacting your bank using the toll-free number on the back of your credit or debit card. Prompt reporting of unauthorized charges is critical to limit your liability, particularly if you are a debit card user because liability depends on how quickly you report a lost or stolen card. For instance, if you report a lost or stolen debit card before any unauthorized transactions occur, you are not responsible for any of the unauthorized charges, but if you make the report within two business days of losing your card, you can be liable for up to $50 of unauthorized charges. After two days, reporting lost or stolen cards can increase your liability anywhere from $500 and up.
Review your credit reports for unauthorized accounts. You are entitled to one free credit report from each of the three nationwide credit reporting agencies per year. Go to www.annualcreditreport.com, or call 1-877-322-8228 to order your credit reports. Make sure all the information is correct. If not, immediately contact the credit reporting agency to request that the information be explained or corrected.
Consider putting a security freeze on your credit. A security freeze can prevent someone from taking out credit in your name. There is a downside because having a freeze in place will also hamper you from opening new accounts or anything involving a credit check, such as renting an apartment or purchasing a car or home. But you can easily have the freeze lifted when you want to allow a company to check your credit.