BlackCloak recently commemorated Data Privacy Day by sharing tips on how to reduce the risk of having your information exposed in a data breach. After a record number of data compromises in 2021, there isn’t a better time to limit the harms you may face when a breach hits an organization or website that has your personal information.

In the latest installment of BlackCloak’s Thursday Threat Update, we take a look at two data breaches where particularly sensitive information was exposed, one impacting a Fortune 500 service provider and another concerning a Washington state agency.

Social Security numbers compromised in ransomware attack

What we know: Morley Companies recently announced that it had suffered a ransomware attack last summer that leaked the sensitive information of more than 500,000 people. In a press release, the Fortune 500 business service provider said that the ransomware attack started on Aug.1, and that the incident affected “current employees, former employees and various clients.” The compromised information included Social Security numbers, dates of birth, and health insurance information.

Recommendations: ​​Morley recommends notifying your financial institution if you notice any suspicious activity on your accounts. In addition to Morley’s advice, we recommend placing a fraud alert or a credit freeze on your accounts as well. To place an alert or a freeze on your accounts, go to the websites for the three major credit reporting agencies, Equifax, Experian and TransUnion. The alerts and freezes are found under tabs that read “Credit Report Help (Equifax), Credit Support (Experian) and Services (TransUnion.) BlackCloak clients can easily initiate a credit freeze in the app. 

Washington state agency falls victim to data breach

What we know: Officials from the Washington State Department of Licensing confirmed the agency has experienced a data breach. In a statement, the department said that it shut down its online licensing system on Jan. 24 after it discovered “suspicious activity involving professional and occupational license data.” The breach may have impacted more than 250,000 individuals and the leaked data may have included “Social Security numbers, birth dates, driver’s license numbers and other personally identifying information.”

Recommendations: Since Social Security numbers were exposed in this breach, we recommend taking the same steps for those affected by the Morley breach: Monitor your accounts for suspicious activity and place fraud alerts and credit freezes. It’s also a good idea to keep your eye out for spear-phishing and business email compromise messages, particularly since the agency has not specified what personally identifiable information was part of the cyberattack.

Taking a proactive approach to data breach prevention 

Data breaches have unfortunately become commonplace in today’s digital ecosystem, but that does not mean you have to sit back and wait for a data breach notification letter to arrive in your mailbox for you to start taking action to mitigate potential risks. It’s important to take some precaution, especially when Social Security numbers and other sensitive information is at stake, as noted by the two breaches we covered above.

For additional guidance, check out our blog post on five ways you can protect yourself from being hacked, five tips on how to prevent identity theft and how to stop cybercriminals from stealing your phone number.  Be sure to also read this blog post about the differences between credit freezes and fraud alerts, which can be a helpful resource to consult should your Social Security number get caught up in a cyberattack.