Don’t just be aware. Practice cyber security.

In 2004, the U.S. government declared October to be Cyber Security Awareness month. The month is intended to be a time when we learn more about protecting ourselves and our personal information from online and technology threats. This year, the month kicked off with a huge wake-up call as to the vulnerability of our information: a ransomware attack on one of the largest hospital chains in the U.S.
While the attack caused a major disruption for affected facilities nationwide and delays in patient care, it might have also sparked a thought, “what personal information is vulnerable?” We share a copious amount of information that could potentially fall in someone else’s hands. Information like names, addresses, social security numbers, methods of payment, or worse, a card on file.
If a major cyber attack or a highly publicized data breach doesn’t encourage you to start taking your online security seriously, consider this, according to Forbes, hackers attack 26,000 times a day, or every three seconds. And, according to a survey by Veronis, 64% of American adults have never checked to see if they were affected by a data breach, and only 44% know what to do if they were affected.

How to start protecting your information

Sharing some of your information with trusted sources such as a health provider or a bank, largely cannot be avoided. However, you can still protect yourself.

Change and complicate your passwords

Do not reuse passwords or create easy passwords. Your password should be strong, utilizing a combination of letters, numbers and symbols. Consider using a password manager to securely store your passwords. A password manager is an application or program that stores all your passwords and requires a master password, and often biometric or multifactor authentication, to access the information.

Set up multifactor authentication (MFA)

MFA is another layer of security to verify your identity. It involves providing secondary forms of verification such as entering a one-time code received by text or email to a phone or an account in your possession, answering a question that only you know or providing a fingerprint or face scan. This added security measure places a higher unlikelihood that a cybercriminal would have both your password and access to your phone to get that one-time code, thus increasing your protection.

Tip: Never provide a onetime code to someone over the phone or via text


Don’t click on unknown links or attachments in emails and texts

It’s imperative to not click on links or open attachments in an email or text that was unsolicited. This applies even if you know the sender. Caller ID and emails can be “spoofed” making you believe the call/text/email is from someone you know.
If you receive a text or an email telling you to click a link to with an urgent message such as, “follow this link to protect your account”, do not click. Often, this is a form of phishing (fraudulently luring you to provide personal information through a link or installing malware from a downloaded attachment). Symantec reports that 37% of malicious email attachments are .doc or .dot attachments and that in 2020, phishing attempts accounted for one in every 4,200 emails.

Tip: If you are in doubt about a communication, call the company directly or access the company’s website by typing in the full URL and logging into your account


Check to see if your information has been involved in a data breach

All states have laws requiring businesses to notify individuals of security breaches. Many companies provide information about breach incidents on their websites and notify you by mail if your information has been involved. Companies provide a secure, official way to verify if your information was involved often on their website or in written communication.

  • Do not trust pop-up ads that claim your information was breached
  • Do not trust emails that require you to click a link to see if your data has been breached
  • Do not provide personal information such as your social security number or date of birth in an email to find out if you have been part of a breach

You can also check out the website created by security expert, Troy Hunt, as a free resource for anyone to assess if an online account has been compromised.

Act immediately if your data has been compromised


  • Change your passwords (make sure to change passwords frequently)
  • Set up MFA
  • Notify your bank and credit card companies; they will often include a security alert on your accounts
  • Order a free credit report at com (Federal law allows you to have a free credit report every 12 months. This is the only website authorized to fulfill the free credit report you are entitled to.)
  • Monitor your accounts and make it a habit to continue to monitor your accounts

Seniors are a especially vulnerable to cyber security fraud. Read our blog, Seniors are fraud targets, for additional information on securing personal information.

Helpful resources

Articles contained in our news section are not intended to provide recommendations or specific advice. Consult with a professional when making financial decisions. Once published, articles are not updated; information may be outdated.