Lessons to be learned from Presnell breach

— It’s harder to gauge the impact of security breaches for rural residents when the company hit is Target, Home Depot or Anthem. However, when local companies like Presnell Gage face unauthorized data accesses, the serious plight within our IT industry hits home.

Letters recently were sent locally to Presnell Gage clients informing them their “personal information may have been accessed.” Addressed Sept. 12, it states “a number of our clients had tax returns filed in their names without their authorization. … On August 18, 2016, we determined that client files may have been accessed without our authorization between July 16, 2016, and August 18, 2016.”

Philip J. Nuxoll, managing member of the firm, stated the company has taken a very proactive stance in response to this incident. Nuxoll stated Presnell Gage represents local governmental entities and school districts but there is no information indicating those were impacted by the breach.

“It was a very unfortunate incident,” he said. “We found there were 99 returns affected and we have taken a proactive stance. … There is no evidence any [clients] were taken advantage of. We have been in contact with the IRS and the Federal Bureau of Investigation. This is an active investigation.”

Tips for protecting your data

•Lock your financial documents and records in a safe place at home, and lock your wallet or purse in a safe place at work.

•Take only the identification (not including your Social Security card), credit, and debit cards you need when you leave your house.

•Make a copy of your Medicare card and black out all but the last four digits on the copy. Carry the copy with you  unless you are going to the doctor’s office.

•Shred receipts, credit offers, credit applications, insurance forms, physician statements, checks, bank statements, expired charge cards, and similar documents when you don’t need them any longer.

•If a company sends an email asking for personal information, don’t click on links in the email.

•Before you dispose of a computer, get rid of all the personal information it stores.

•Before you dispose of a mobile device, remove the memory or subscriber identity module (SIM) card from a mobile device. Remove the phone book, lists of calls made and received, voicemails, messages sent and received, organizer folders, web search history, and photos.

•To guard your online transactions, use encryption software that scrambles information you send over the internet. A “lock” icon on the status bar of your internet browser means your information will be safe when it’s transmitted.

•Use strong passwords with your laptop, credit, bank, and other accounts.

•Never post your full name, Social Security number, address, phone number, or account numbers in publicly accessible sites.

•Keep a close hold on your Social Security number and ask questions before deciding to share it.

•Install anti-virus software, anti-spyware software, and a firewall. Set your preference to update these protections often.

•Before you send personal information over your laptop or smartphone on a public wireless network in a coffee shop, library, airport, hotel, or other public place, see if your information will be protected. If you use an encrypted website, it protects only the information you send to and from that site. If you use a secure wireless network, all the information you send on that network is protected.

•Keep financial information on your laptop only when necessary.

Don’t use an automatic login feature that saves your user name and password, and always log off when you’re finished.

The letter also states Presnell Gage has offered 36 months of credit monitoring and identity protection services to individuals whose information was compromised.

Statistics shed light on how this issue has risen to the forefront of national security.

The Identity Theft Resource Center reports 781 breaches in the United States in 2015; making it the second highest year since ITRC began its tracking in 2005. In the report it was noted health and medical companies account for 35.5 percent of all breaches that year. This is a second place ranking, just below the business sector at 40 percent and above the banking, credit and financial sector at 8.1 percent.

IRS Commissioner John A. Koskinen announced in November of last year the formation of a Security Summit Group to inform the public of ways to protect themselves. In his public address he said:

“There are 150 million households that file federal and state tax returns involving trillions of dollars. For each of those households, these returns involve some of your most important and sensitive personal data. More than 90 percent of these tax returns are prepared on a laptop, desktop or even a smartphone – whether they’re done by an individual or a tax preparer.

This is a massive amount of sensitive data that identity thieves would love to get access to. We want to make it harder for these criminals to succeed, and to do that, everyone needs to be actively safeguarding their personal data, whether on their personal devices or in their personal interactions.”

Koskinen listed the following tips, and more are available online at https://www.irs.gov/pub/irs-pdf/p4524.pdf

Always use security software with firewall and anti-virus protections. Make sure it is always turned on and can automatically update. Encrypt sensitive files such as tax records you store on your computer. Use strong passwords.

Learn to recognize and avoid phishing emails, threatening calls and texts from thieves posing as legitimate organizations such as your bank, credit card company and even the IRS. Do not click on links or download attachments from unknown or suspicious emails.

Protect your personal data. Don’t routinely carry your Social Security card, and make sure your tax records are secure. Treat your personal information like you do your cash; don’t leave it lying around.

Comments

Use the comment form below to begin a discussion about this content.

Sign in to comment

CLOSE X

Information from the Free-Press and our advertisers (Want to add your business to this to this feed?)