Identity theft a growing concern for employees
As benefit professionals, we have both an obligation and an opportunity to help employees protect their identities.
Capital One. Equifax. Under Armour. Starwood/Marriott hotels. Facebook. Target. Anthem. J.P. Morgan Chase. Yahoo. Home Depot. Adobe. Sony PlayStation. U.S. Office of Personnel Management.
What do all these have in common? Simply, they represent some of the biggest data breaches of the 21st century. Most likely, there are others we don’t know about—yet. It has become evident that any and all of the data put onto the internet is vulnerable. This vulnerability can come from all quarters—scammers, governments and even good old-fashioned recreational hackers have breached some of the most supposedly secure networks.
Related: How to strike balance between cybersecurity and employee privacy
In the past few months, we have considered financial wellness for employees from different perspectives. This month, identity theft is our focus, and it has a definite impact on financial wellness.
Let’s begin with the problem. It’s easy to check to see whether your personal data has been compromised. Equifax, for example, has a very efficient website that indicates the scope of the breach they suffered and allow individuals to file claims as appropriate. And yes, my wife and I were both on that list. But I’m sure we are also on similar lists from at least some of the other compromised vendors.
There’s an interesting website called ”Have I been Pwned?” It’s worth checking whether your email account has been compromised. For example, one of my addresses, which I have not used in over 25 years, still has active data on two breach sites. Another old email address I abandoned more than 15 years ago has also been compromised.
Part of the reason I’m going back more than 25 years is to illustrate why compromised data is such an issue; someone could pose as me using what used to be a valid email address and start using my identity for illicit purposes. So when a compromised entity offers temporary or short-term identity theft protection, even for several years, any time the coverage is dropped, there is vulnerability.
What’s more, any password I used on any of those accounts can be cross-referenced to my identity, and internet-crawling bots can try those old passwords out on any site where there is an identity match to me.
Given all this, as benefit professionals, we have both an obligation and an opportunity to help employees. This is a significant part of making sure the benefits we offer provide long-term financial wellness and security to employee customers.
Of course, since identity-theft protection is not a traditional employer-paid benefit, most of the time it will be offered to employees on a voluntary basis. We need to understand what’s available in the marketplace and how various options can help. While it’s certainly not in the scope of this column to recommend a specific product, the following is a partial list of features to consider:
- Credit-monitoring services, including access to credit reports and scores
- Remediation assistance services in the event of a theft incident
- Fraud reimbursement
- Dark web breach notifications
- Social account monitoring
- Deceased family member remediation
As more aspects of our lives are conducted online, the areas of exposure to identity theft and the fraud that goes along with it will continue to grow. Identity theft is now moving into the mainstream of risk areas for employees.
Read more: