More than 530 million personal records were breached during the past six years — were any of them yours? It’s easy to find out, even if the organization responsible for the breach didn’t tell you. Here’s how:
Hop on to the Open Security Foundation search page and type in the name of an organization — any business, restaurant or online retailer you do business with, for example. You’ll instantly get a report of known breaches, incident types (hacks, email fraud, disposal documents, etc.) and the number of records compromised.
Who should you check up on? Any entity that keeps your personal information on file can also lose it, so a good place to start is with businesses and organizations on your bank and credit card statements. Also look in your email archives and don’t forget less obvious ones like schools, clubs, government agencies (especially local) and even your pizza delivery place. And while most states require organizations to notify you if your information has been breached, laws vary and the contact information an organization has for you may not be correct. Only a few states have centralized reporting.
How is the breach information collected? Data professionals scour news feeds, blogs and the Web for information on new data breaches and for updates on old ones (even dating back over a hundred years to 1903!). They also file Freedom of Information requests.
What if you want to do a broader search? To search by year, type of breach or type of organization (business, government, medical, etc.), check out Privacy Rights Clearinghouse. This heavy-hitter nonprofit provides testimony to the Federal Trade Commission (FTC) and other major governing bodies and its user-friendly search tool includes any breaches that have affected 10 or more people since 2005.
