By Art Gross, President and CEO, HIPAA Secure Now!
Twitter:Â @HIPAASecureNow
Read other articles by this author
Identity theft is not a new crime, in fact, criminals have been altering and improving their techniques to capture and use stolen information for years. While identity theft historically targets an individual consumer, an increasing number of criminals are now targeting businesses instead.
What is identity theft?
Identity theft occurs when someone pretends to be you without your permission, by using your personal information, for example, your driver’s license, or your Social Security number.
Identity theft that is carried out to compromise business data could be accomplished in many ways. The criminal may steal the organization’s client list, trade secrets, or may pose as the business by using their stolen data, similar to traditional forms of identity theft.
What is the damage?
In traditional identity theft where an individual is targeted, the theft of their identity could mean detrimental damage in various ways. If you’re the victim of identity theft, your stolen information could be used to make purchases, open a line of credit, or commit various other crimes or fraud. Once your identity is compromised, depending on the actions carried out by the criminal, you could face significant damage to your credit, IRS penalties if you’re involved in tax ID theft, loss of time due to the repercussions of your stolen identity, emotional distress and more.
Businesses involved in identity theft face similar risks but often with more at stake. If a business’s data is compromised, they could face financial loss including market share, loss of jobs, an overall hit to the brand and its reputation, loss of trade secrets which would allow the criminal to compete with the business directly, and more.
Why is business identity theft on the rise?
According to the data and analytics company Dun & Bradstreet, 2017 saw a 46 percent year-over-year increase in business identity theft.
Criminals target businesses for identity theft for many reasons. Often, criminals believe that stealing the data and identity of a business would yield a greater pay off than stealing the identity of a single individual. In addition, criminals can often find a great deal of information needed on a company to impersonate them simply by looking for it in publicly accessible places, such as the internet.
Insiders are also to blame for the increase in business identity theft, which is an extremely difficult threat to protect against. Insiders know a great deal of information about their organization, ranging from financial information to trade secrets, and can quickly gain access to that information without raising any suspicion. In turn, insiders can use the information obtained at work to commit identity theft against their organization.
What can you do to protect your business?
To protect yourself and your organization, remember to check credit reports, financial statements and banking information, social media accounts and web search results.
Businesses should also ensure that employees only have access to the information required to perform their job function. Once an employee is terminated or leaves the organization, it is critical that their access to anything relating to the business be turned off to prevent unauthorized or inappropriate access.
This article was originally published on HIPAA Secure Now! and is republished here with permission. HIPAA Secure Now offers annual online subscriptions to help covered entities and business associates keep up with compliance. Learn more here.