Unfortunately, the short answer to my headline question is, no. You cannot rely on cybersecurity experts to protect your personal financial information, as evidenced by the numerous breaches of personal information at companies employing large staffs of such experts. Marriot, Equifax, J.P. Morgan, Yahoo (twice), and now Capital One, among many others, have all fallen prey to serious breaches of their customers’ information. The Wall Street Journal reports of Capital One’s recent breach:
The cybersecurity unitโresponsible for ensuring Capital Oneโs firewalls were properly configured and scanning the internet for evidence of a data breachโhas cycled through senior leaders and staffers in recent years, according to the people. About a third of its employees left in 2018, some of the people said.
Capital One last month disclosed that a hackerย accessed the personal informationย of about 106 million of its card customers and applicants. Before the hack was made public, employees had raised concerns about what they saw as staffing issues and other problems to the bankโs internal auditors, human-resources department and other senior executives, according to some of the people.
The quality of a cybersecurity operation is partly dependent on its ability to attract and retain top talent. The bankโs board regularly reviewed attrition rates in the cybersecurity unit, one of the people said.
A bank spokeswoman said: โSafeguarding information is essential to our mission and to our role as a financial institution. Weโve invested heavily in cybersecurity and will continue to do so.โ
The bank spokeswoman said the cybersecurity unitโs total head count has risen over the past several years. โThe Cyber Team is a net importer of talent within Capital One,โ she said in a statement.
The hack was one of the largest in recent years, a period when a wide swath of companies including hotel chains and retailers have experienced major data breaches. Capital Oneโs breach was particularly surprising because it ran counter to a popular perception that the bank wasย ahead of the gameย in technology. Prosecutors have said that the hackerย began attempting to accessย the bankโs information in March, but Capital One didnโt learn of it until it was tipped off by an outside researcher 127 days later.
So despite employing professionals with what appeared to be the best technology in the business, Capital One was breached. The unfortunate reality of cybersecurity seems to be that no one is immune and that only constant vigilance on your part will protect you from identity theft and fraud.
The first steps in protecting yourself are checking your credit reports regularly, setting up a service like LifeLock (there are others, but LifeLock works for me) to monitor your accounts, and always scrutinizing any links or attachments you receive over the internet.
Read more about protecting your identity here:
- Your Personal Financial Security Part I
- Identity Fraud on the Rise: Hereโs Fidelityโs Customer Protection Guarantee
- How Are You Protecting Your Identity?
- 885 Million Financial Records Exposed Online
- Is Your Credit Card One of the 100 Million Just Breached? Would You Even Know?
Originally posted on Your Survival Guy.ย
