19 September, 2017 Education

Cyberattacks and Protecting Your Information

All blog content is for information purposes. Any reference to indivisual stocks, indexes, or other securities as well as all graphs and tables are not recommendation but only referenced for illustration purposes.

In this blog, we discuss the following:

  • Cyberattacks by the numbers
  • The Equifax breach and what YOU need to consider NOW
  • Best practices
  • How we protect your data

Cyberattacks and breaches of personal information have become all too common and should not be ignored by anyone. If you are connected to the internet in anyway, have online accounts of any kind, you are at risk.

What we want to accomplish is tough. We want to 1.) maintain our online access and presence, 2.) store data digitally on our own devices or in the cloud (others’ devices), 3.) allow our access freely and sometime share access with certain others 4.) while preventing access to most (including thieves). These are complicated goals and much different than information on a piece of paper locked in a filing cabinet. Accomplishing these goals simply requires some effort.

The Statistics

The numbers are staggering:
  • In 2016 one in every 131 emails was malicious. Just 2 years ago it was only 1 in 2441.
  • Cybercrime damage costs were estimated at $3 TRILLION worldwide in 2016 and estimated to double by 20212.
  • Ransomware damage costs, a thief locking your computer(s) until they are paid a ransom,are estimated to exceed $5 billion in 2017 or 15 TIMES the cost just 2 years ago2.
  • Identity fraud costs U.S. consumers $16 billion in 20163.

It’s not only the statistics that should get your attention but also the hassles and drain on your time if you are a victim. It can take some consumer months to clean up the mess caused by identify theft and lost data is often never recovered.

Equifax Data Breach

Equifax, one of the three credit reporting agencies, disclosed on September 7th that the personal information for 143 million Americans had been compromised. This breach is significantly worse than many others because the data stolen included names, addresses, dates of birth, and social security numbers. These four pieces of data tend to be the items required to confirm someone identify.

You should read the blog posted by the U.S. Federal Trade Commission regarding this breach: https://www.consumer.ftc.gov/blog/2017/09/equifax-data-breach-what-do. As noted in this blog, if you have a credit report (if you are reading this blog then the odds are high!) then it is likely your data has been stolen. In this FTC blog they suggest steps you should consider including:

  • Consider 1 year of free credit monitoring by Equifax
  • Check your credit reports
  • Consider placing a freeze on your files
  • And more

In addition to the above recommendations by the FTC, Experian, another of the three credit reporting agencies, offers a free scan of the dark web.  You can access it via the following link: https://www.Experian.com/scan.  This is another step in an effort to determine if thieves have your personal information.

This Equifax breach is significant and likely includes your personal information. You should seriously consider taking some action.

Best Practices

There is a lot you can do to protect yourself. Here are some best practices to understand and consider:

  1. Email – the most common entry point for thieves.
    • Avoid or delete emails from unknown senders.
    • Be cautious of opening any attachment especially if it is an unknown file type.
    • Scrutinize senders email address to make sure they are not different by one character.
    • Avoid clicking web links in emails and instead type the link directly into your browser to make sure you are going to an authentic site.
  1. Passwords
    • Store them in a secure location
    • Change them frequently
    • Avoid common words and repeating previously used.
  1. Multiple Authentication – this is a second level of validation, in addition to a username and password, such as a text message or other tool.
    • Utilize multiple authentication especially for access to financial related information and accounts.
  1. Software Updates – known as software “patch management” to keep software up-to-date to close “holes”.
    • If you utilize Windows or an Apple device, make sure it is set to automatically install updates as they become available
    • Do the same for all of your software.
  1. Anitvirus Software
    • Use it
    • Make sure it is always up-to-date to protect from new threats.
  1. Wifi access
    • Use a secure network whenever possible. Personal hotspots tend to be more secure than public networks.
    • Avoid conducting sensitive activities on public networks such as activities requiring you to input a credit card number or password.

How Patton Protects Client Data

Protecting our client data is a top priority. During the past year we have hired two cybersecurity consulting firms to conduct a thorough risk assessment, address any issues, and provide 24x7 ongoing monitoring of our systems and every device used to access our systems. This, and much more, is documented in our comprehensive Cybersecurity Policy.

In addition to our own efforts, we favor custodians (firms holding our clients’ money) that have extremely robust policies and procedures in place to protect our clients. We recognize that such robust policies and procedures can cause relatively minimal hassles occasionally for our clients but believe this is a very small prices to pay for the protection it provides.

We have gone to great lengths to protect our clients’ data but recognize no business is immune from the risks of a cyberattack. We are committed to continual improvement and maintaining robust standards.


The sophistication of cyber criminals has escalated rapidly and the pace of change is rapid. The Equifax breach should be taken seriously be every American. We encourage you to consider the recommendations of the FTC as it pertains to this breach and to also consider the best practices outlined above. These things will take effort but are critical in today’s digit age.

Source: 1 1Symantec Internet Security Threat Report April 2017 Volume 22, 2 https://www.csoonline.com/article/3153707/security/top-5-cybersecurity-facts-figures-and-statistics-for-2017.html , 3 http://www.iii.org/fact-statistic/facts-statistics-identity-theft-and-cybercrime

Contact Mark A. Patton :