In a world where data breaches have become more prevalent, having a response plan to address a breach incident can be just as important as the security measures taken to prevent one. Timothy Walsh, Director of Data Breach Services at TransUnion, explains how a strong credit monitoring platform can empower consumers to better detect potential fraudulent activity.
The cost of a data breach is significant: In 2018, the average cost of a data breach to a Canadian organization was $4.74 million1. The average cost for each lost or stolen record containing sensitive, confidential information was $148 — and as of July 2018, 2.6 billion records were exposed in data breaches.
While the reputational damage caused by a data breach may not be as easy to quantify as financial costs, it is nevertheless a huge concern. When customers lose trust, businesses lose customers.
In 2017, 65% of companies impacted by a data breach chose not to notify potentially affected consumers of a data loss —perhaps, in part, to preserve their reputation. But for organizations in Canada, choosing not to report is no longer an option: Mandatory breach notification legislation came into effect Nov. 1, 2018. This means organizations suffering any loss of personal information that causes a real risk of significant harm are required to notify all potentially affected individuals.
High-profile breaches over the last few years have been under the global spotlight, raising awareness and concern among consumers and the organizations they trust with their personal and financial data. Every organization, regardless of size or potential exposure, should take this seriously and have controls in place to proactively guard against data breaches — as well as having a plan to respond to a breach, should security measures fail.
With so many avenues through which a data breach can occur, having an ‘it can’t happen to me’ attitude is unwise. A breach response plan is imperative to helping you minimize financial loss— and can help with regaining customer trust.
To help with preserving your reputation and credibility, and aid in protecting your customers, you should be prepared for possible worst-case scenarios. This can mean being able to quickly take action when faced with a potential data breach by working to assist potentially affected customers and examine ways to assist those who may be vulnerable to further breaches.
Data can help organizations identify patterns and trends that can assist with leading you to potential sources of the breach and help you with determining its potential scale. You can also be in a stronger position to identify and remedy vulnerabilities that may have exposed you to the breach. To help show you’re taking action and responsibility, you should implement a communication plan that targets to inform impacted customers, before they hear the news elsewhere and lose confidence in how you’re handling the situation — and their data.
You should also have a robust remediation strategy to assist customers who may be victims of fraud, as well as to help with rehabilitation.
Criminals who steal personal or financial data want to monetize it as quickly as possible, potentially either by selling it to a third party or using it to apply for different credit products. Credit monitoring platforms are a powerful tool for detecting identity theft and helping consumers take action efficiently to address potentially fraudulent activities on an identity.
If your consumers are enrolled in a credit monitoring solution, they’ll receive alerts of credit inquiries made to their credit file and alerts to material changes made to their credit file, in addition to unlimited access to their credit report and score. As soon as they’re alerted to credit inquiries and changes to their credit file, they’ll be able to contact the organizations involved or the credit reporting agency, which can help the consumer investigate the situation promptly. These platforms can play a key role in your strategy.
The credit monitoring service essentially helps as an early-warning system for potential identity impersonation or fraud, which may be as a result of a data incident. If a consumer’s data has been potentially exposed and used fraudulently the consumer will be able to investigate the alert and take action. Additionally, credit monitoring can enable consumers to review the information reported on their credit file prior to receiving alerts through a credit monitoring solution.
When incorporating credit monitoring into your data breach response plan, remember that awareness and adoption are key. Educate your customers on all aspects of the monitoring service so they are better prepared to quickly identify any potential misuse of their personal information and potentially fraudulent activity on their credit file, and this can help them understand who to contact if they suspect a case of identity theft. This will assist with instilling consumer trust.
Learn more about TransUnion’s solutions
TransUnion is a global data provider that reports the financial and credit information of approximately 28 million credit-active Canadians. Our technology and data capabilities allow us to develop innovative solutions that assist organizations with breach response plans for different consumer demographics.
Find out more about our credit-monitoring and data breach protection services:
1Unless stated otherwise, all statistics and figures in this article are from the 2018 IBM Cost of a Data Breach Study: Global Overview. by IBM Security, www.ibm.com/Security/DataBreach. Figures are listed in USD.
We're sorry, your request failed. Please try again in a little while.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.