Quote from Stratfor.com
“Dear Stratfor Member, We have learned that Stratfor’s website was hacked by an unauthorized party.”
by Gail S – reprinted here for 2012
I have a subscription with Stratfor.com. The firm, under the tutelage of George Friedman, does an analysis of the data coming in from all over the world on political and economic matters, or at least those are the items that I find interesting to follow. And that is the reason I have the subscription.
So on December 24th, 25th and 28th the notes from Stratfor.com stating that they had been hacked and my info was potentially out there on the web for all to see were alarming! (Thanks Anonymous! What did I ever do to you?),
Stratfor.com has responsible leadership. They didn’t hide this incident nor did they take cover behind a bunch of liability issues! They took quick action in informing folks of their problem. They took additional steps in offering and paying for a year of protection for all of us impacted by the problem and then urged us to sign up for it. They gave us some remedial steps on what to do and they notified the credit card company to which I had charged my subscription quickly. They did all the helpful things they could do in my opinion.
My mind, however, didn’t find it particularly easy to let go of the issue. And so quickly I did the first things I could think of.
- I called the same bank and had them re-issue my credit card with a new number.
- I did a credit check with Equifax to make sure that, so far, no one had set up any accounts I didn’t know about.
- I changed my username and password at my banks.
- And still didn’t find myself sleeping well.
NOTHING YOU DO TODAY IS PRIVATE! Today, nothing is private! Google uses every bit of information they get from the websites you visit to make sure that what shows up to be advertised on every website you stop in is something that you have previously shown interest in. And if you can follow my last sentence, then you are a better person than I am…
My local newspaper’s website has advertising around the edges for a webshop I made to look at some snow boots. Matter of fact, those silly boots, which I decided I didn’t want anyway are beginning to haunt me as they show up at nearly every site I visit! I have a Facebook account, hi there boots. I make a stop at Amazon, hi again boots! Well, you get the idea. And if anyone thinks that Facebook is about privacy either, they are so sadly misguided! It is another privacy robber, no doubt.
So because of the wakeup call, I started asking myself questions and started looking at best practices.
- What needs to be done to protect myself online?
- What things do I need to watch for going forward that might be a warning of someone trying to obtain information about me that could hurt me.
- What am I willing to do to ensure some privacy and what am I unwilling to do to give up the freedom of information and activity I enjoy on the web.
- On the sites you use the most, change your user ID’s and passwords often. I set up an alarm on my calendar for this year to do it monthly. Identify websites you frequent most often, make a list and change your user ids and passwords. Think about where you shop…Amazon, Emergency Essentials, etc. The banks you use. The social accounts you use; the subscriptions you have (like me). To avoid forgetfulness, buy yourself a small index card file box and write down your sites, user id’s and passwords and keep it someplace safe in your house. That way you won’t confuse yourself trying to figure what your latest password is.
- Pick one credit card with a small limit to use on all online purchases. Use one that is at a bank or Credit Card Company where you have no other assets. Use only that one. Should someone hack it in any way, you can have it canceled and a new one issued easily. Hopefully, this will prevent a hacker from infecting accounts at other locations. Or use a PayPal or the like service.
- If you are using a home address to have items shipped, change that, right away. Get a P O Office Box or one of those commercial post office boxes and send everything there. In a pinch, send items to your place of employment, but get out of the habit of shipping things to your home. And change your mailing address on your credit cards so they go to the Post Office Box as well.
- Google your name and see if your name and/or address show up anywhere. Mine did, and I am still trying to get that to go away.
- You are entitled to check your credit scores once per year for free. Do it! What you are looking for is someone using your credit data to set up accounts for themselves at different addresses and are using your name and account information to do so.
- Get a credit check service, all of the big three Equifax, Transunion and Experian can help you with that. See the bottom of my post. These companies usually charge a fee per month, but the insurance may be worth it to you.
- Don’t do all of your banking online! Go visit the bank and ask them to look at your main accounts and make sure that your balances match theirs, more on this in a bit.
- UNDERSTAND THAT NO MATTER WHAT KIND OF SECURITY, THERE IS A GOOD CHANCE THAT YOU CAN BE HACKED OR WILL BE HACKED IN SOME MANNER SOMETIME. Prepare your mind for it and think about it often.
- Never give out social security numbers or credit card numbers in emails.
- Be careful to deal with only the most reputable dealers. Then you stand an honest chance of being informed promptly should a problem occur.
- Get a good antivirus protection service and use it! I am not making recommendations on which one. All of them still make a mistake now and again and let something through that shouldn’t have happened. Let it update automatically. For that matter, if you are running Windows, make sure their updates are automatic as well.
Things to watch for:
- Do not open or respond in any way to unfamiliar emails. I have had 9 emails that I believe for sure are the result of the Stratfor.com incident. Stratfor.com warned that there may be emails coming in from unsavory sources that would be attempting to get us to open them using “protect yourself from internet thieves, use our internet protection service” offers. These were pretty easy to avoid when I saw them, they were from names I had never heard of.
- Be careful that you read who your email is from before you open it. I had two that I am sure came from people poking through some of my data because mixed in the body of the sender names were the names of people I know. This made me sure that my information had been hacked by anonymous and that people were trying to find out more.
- Emails: Since this hacking thing I have had two emails from my bank, both of which were asking for me to click on a link and go to the website and do something. They were Bogus and only there because somewhere in the data, they found my banking source. Never, EVER click on a link to a financial institution from an email address. If you need to go to your bank’s website, go to a clear web browser screen and type the bank’s web address in yourself. If the bank is trying to get ahold of you, they will send will contact you via the mail if it is important.
- Check your regular mail. We all are pretty used to getting the same junk mail all the time. Should new or different solicitations start showing up in your email, pay attention as they may have obtained information about you from your use on the web.
- CHECK YOUR BILLS CAREFULLY! A lot of us get our bills online. They may or not get paid automatically. Stop!!!!!!!! Make sure you look at all of them! Check your phone bills for calls you may not have made. Check your cable/dish bill for shows or movies you may not have purchased. Check your credit card and online bank statements to make sure everything on there was something you purchased. When in doubt call and find out!
- Here is the big kicker! And it is the reason for number 7 above. Go see your bank. Check your bank balance with them. There are hackers out there now that have the ability to mimic your bank’s website. While they are busy draining your bank accounts, you are using your accounts just like you normally would knowing full well what should be in those accounts! The mimicked account looks just like your normal bank account and you will not know the difference until you start getting bounced checks! There is protection that will eventually make your account right and whole again, but in the meantime, you will have a whole lot of acid indigestion for a while getting things straightened out!
What I am willing to give up for privacy:
At the moment I am willing to do all I have listed above to continue an online existence. However, everyday something new comes to light that is alarming. Today there was an article today about the FDA monitoring their employee’s private emails. Yesterday it was Stratfor.com getting hacked.
I was in good company with the Stratfor.com hacking. Apparently, the DOD, Bank of America, Lockheed Martin, Boeing, Amex, and others were also involved. Some 75,000 clients in all. We all read the news that Homeland Security is looking at every Facebook and Twitter entry now. Zappos.com, a subsidiary of Amazon was also hacked recently. At some point, the price for being online may become too high.
I am just an average citizen of this country. While I am not a happy camper with the political and economic attitudes and the present situation in this country, I am no threat to anyone’s security and I certainly am not a very rich target for internet thieves.
There may come a time when I just shut it all down and find a more private lifestyle. What we are willing to put up with for an open style of communication is an individual choice. It is not lost on me that all of this invasive activity has been taking place just as the SOPA and PIPA legislation was making its way through Congress. Is it paranoia that makes me think it might be connected in order to urge us to let the Government protect us from internet piracy?
Who knows, just an idle question on my part…………..It does feel to me, however, that FEAR is what is manipulating us these days, be it fear of climate change, fear of the internet, fear of somebody else going crazy and using a gun irresponsibly, fear of another country, fear that we can’t be responsible for eating right, flushing our toilets right, using the right brands of detergents, etc. etc. etc. All so-called reasons for additional government control over our lives.
I am just sharing my experience here. Looking forward to your comments on additional ways and means to protect yourselves! Good Luck to All!
Here are some additional sources for your consideration:
Contact the three U.S. credit reporting agencies: Equifax (http://www.equifax.com/ or (800) 685-1111), Experian (http://www.experian.com/ or (888) 397-3742), and TransUnion (http://www.transunion.com/ or (800) 888-4213), to obtain a free credit report from each.
If you see any unauthorized activity on your accounts promptly notify your financial institution;
– submit a complaint with the Federal Trade Commission (“FTC”) by calling 1-877-ID-THEFT (1-877- 438-4338) or online at https://www.ftccomplaintassistant.gov/
Credit Monitoring Service
Stratfor.com is paying for this firm to monitor the accounts of all of us who were involved. CSID, a leading provider of global identity protection and fraud detection solutions and technologies.
Other Interesting Resources for hacking and other things:
Firestorm.com, Check out their book called Disaster Ready People.