It’s not the first time we’ve heard such news, and it surely won’t be the last.
The recent hacking of data at Capital One Financial once again highlighted the potential risk to citizens’ personal information stored digitally. The data breach at the credit card firm reported last week compromised the information of about six million Canadians and more than 100 million Americans.
Fortunately, the alleged hacker was arrested by the FBI, it was reported. Capital One indicated that no one’s credit card account numbers or login information was compromised, and added in a statement, “Based on our analysis to date, we believe it is unlikely that the information was used for fraud or disseminated by this individual.”
But that doesn’t mean we can all relax entirely. The Capital One breach is just the latest in a string of cyberattacks and experts warn that such attacks are not only becoming more frequent, but are bigger in scope. That’s because large corporations are holding an ever-growing amount of personal data in online storage repositories, making them increasingly inviting targets for hackers.
“There’s definitely a rise in personal data theft, there’s a rise in data breaches,” Claudiu Popa, a cybersecurity expert with Datarisk Canada, said in a Canadian Press story last week.
The 2017 data breach at Equifax reportedly put the information of as many as 143 million people at risk, the majority of them in the U.S., though an estimated 8,000 Canadians were also affected. Just two weeks ago, Equifax agreed to pay a $700-million fine to settle with the U.S. government and states because of the breach.
Last November, Marriott Hotels revealed a massive data breach affecting the information of up to 500 million customers. About a month before the Capital One incident, the Desjardins Group, a co-operative listed as the largest federation of credit unions in North America, announced that personal information from close to three million of its members was stolen.
The aforementioned CP story noted a recent study by IBM indicated that globally, companies have a 30 per cent chance of being hit with a data breach within two years, up from 23 per cent in 2014. That’s a concerning figure.
In the same story, Daniel Tobok, chief executive of Cytelligence Inc., says, “It’s happening more and more, but it doesn’t mean it should be normalized or we should get used to it as just another day at the office. This is a problem.”
Tobok noted part of the challenge in combating the problem is that Canadian regulations aren’t strong enough, offering few options to fine companies that fail to protect information, and making it difficult to locate and prosecute data thieves. These are areas that need to be shored up because, as much as the public is warned to take steps to safeguard their personal information, they are limited in what they can do to protect data that is in the hands of companies they deal with.
But it’s a problem that isn’t going to disappear. As a result of the digital age, an increasing amount of our personal information is stored in cyberspace, and the potential for criminals to cash in by using others’ personal data is an attractive lure. That puts the onus on companies that handle sensitive data to do everything they can to protect that information.
Consumers are trusting them to do just that.