CRA just announced another breach of accounts (see below). The report stated that 5500 accounts were compromised. That means personal information stored at CRA sites were accessed by hackers. They know what CRA knows. They are able to do it, they will most likely do it again That is very scary for most citizens. It requires serious contemplation of our futures. How does that potentially affect our credit score? Does it affect our banking? What should we be doing to protect ourselves from future conflict?
It should first be understood by all Canadians that digitized personal information is not and never will be completely safe in the world of high technology. We cannot rely on encryption or even double encryption to protect us from having our information “out there”. Sooner or later bad buys will get our personal information. They will know our: SIN, address, employer and even names of family and friends. It’s not at all that people aren’t doing things to safeguard our information. In fact there are many things that are extremely proactive in the defense of hackers and identity thieves. However, our fingerprints are out at so many locations we must assume that not everyone has the same proactive defense (including CRA).
One of the best explanations of our situation is a one hour talk by Frank Abignale at google (look it up, it has millions of views and easy to watch). The “Catch me if you Can” movie origin lays out our situation fairly clear. We must first assume that our information (or much of it) is out there in the hands of bad boys. Our primary defense is three fold: monitor, structure and defend.
Monitoring of our liabilities is first. Find out if anyone is using our name first. Are there cards and loans out there under our names that we have never initiated? This requires a careful look at our credit records and what activity there is on it. This should be done regularly, once every six months or when something strange occurs.
Structuring all of our public financial activity through a credit card is Mr. Abignale’s primary push. This means the virtual elimination of writing checks (which has all critical information clearly printed on one piece of paper including a copy of your signature). Operating a business requires a checking account but exposing ones-self to paper checks too much increases long term risks. Learn to pay using methods that are more safe than easy (if my father can learn… who refuses to provide CRA with his SIN… anyone can). Personally I have only one credit card for all internet purchases only. I never deviate from that formula. There are NO exceptions! This means when my card information is hacked/stolen (which I ASSUME WILL happen). Its only one card and everything is insured.
Finally there is the defending of our financial and personal lives. This is probably the most critical of all protection activities. Defending is the mindset of “NON-Gullibility”. It is having a constant skeptical attitude towards releasing personal information beyond the basic “Name and possibly address”. If anyone asks for banking information over the phone proceed with extreme caution if you dare proceed at all. No credible organization will ever ask for your banking information over the phone (or email, text etc). We must understand what information is critical to your financial and identity security and what information is not. Andy Grove (Intel’s prior CEO) wrote a book with a great title, “Only the Paranoid Survive”. Everyone should hold to this mantra. Every citizen must be vigilant in individual self protection.
The key to building a great defense is wisdom. Become a wise person in the society we live in. Understand our personal vulnerabilities and learn the art of technological self defense. See a punch coming before your hit, know the environment your walking in at all times. If your buying something on line… follow the rules you’ve made for your own safety. Keep only trusted relationships open, close all others.
At our firm we do not have signing authority or access to clients accounts. Though we have pre-authorized withdrawals they are secured by a contract with the financial institution. If we are accused of fraudulent activity we could loose our contract with the institution and have our entire firms finances shut down. That is a great example of a system that keeps someone accountable. I am much more impressed with PAW than I am with some of the new “secure” ways of transferring money… yes they are easy (and even secure)… but there is virtually no accountability in the relationship, once your money is gone… there is no way to hold someone accountable for it.
Being safe requires continual, non-stop scrutiny of every transaction and liability. I suggest listening to Frank Abignale’s 1 hour lecture at google. Its well worth your time and builds a great foundation for further understanding.