Protecting Compromised Information
In the wake of the most recent disclosures of large-scale successful computer breaches of US government systems, we thought it prudent to include some information on what do to if you discover your identity or digital footprint has been compromised. Know exactly what needs to be protected and have a plan in place before something happens. This extends to information as well as physical assets.
General steps to take in the wake of a systems breach:
Detect, Isolate and Remediate
- Isolate the affected system immediately to mitigate potential damage. Once contained, act to remediate the compromised systems.
- Assess other systems to ensure that containment was successful and no other areas were compromised by the breach.
- Mitigate the consequences of said breach as quickly as possible. For an individual, this would include contacting your financial institutions and credit lending agencies. For companies, this could include enacting business continuity and disaster recovery protocols and procedures.
If you have ever applied for a security clearance from (or required a background check by) the US government, the following is some basic guidance for assisting you in mitigating your risks:
- Put a block on your credit reports to prevent anyone from opening new accounts unless you are contacted first: http://www.consumer.ftc.gov/articles/0497-credit-freeze-faqs
- DO NOTrespond to e-mails or phone calls from anyone saying that they are from DHS, OPM, or DoD and are offering to help. Expect fraudulent phone calls.
- Change all of your security questions on ALL of your bank and credit account information, make sure the security questions and answers are not provided by you in your security clearance information.
- Close all accounts you are not using.
- Request from your banks and credit card companies that they send you new cards with chip and pin.
- Use the Freedom of information Act (FOIA) to request the information obtained by US DoD for the purpose of granting your clearance.
- Await the OPM letter that will send you a pin number so you can log in and register for free credit monitoring and up to $1 million in coverage in case your identity is compromised and potentially affects your credit.
Remember, this information provided is only basic, though considerable time and effort on your part is required for one or more of these steps should you wish to pursue these risk mitigation efforts in protecting your compromised information.
If you are concerned that you have been compromised and wish to take further steps by getting in touch with a security professional, KT Designs can put you in contact with one of our experts. Please contact us at 202.554.0272 or firstname.lastname@example.org.