Keeping sensitive information out of the hands of cybercriminals can be difficult. They are always looking for new ways to rip us off, which is why we're constantly giving you security ideas to stay protected.
One place that you really need to be protected is your bank. Financial institutions are supposed to be extremely careful in protecting clients' data. You won't believe how this popular bank inadvertently released thousands of clients' critical data.
Is your critical financial data at risk?
Typically when we tell you about a data breach, hackers are behind the attack. That's not the case here. In this incident, thousands of Wells Fargo clients' sensitive information was leaked by mistake.
A former Wells Fargo employee, Gary Sinderbrand, is suing a current employee for defamation. His lawyer subpoenaed Wells Fargo for documents and emails related to the case. What they actually received is shocking.
By mistake, a lawyer representing Wells Fargo sent Sinderbrand's attorney a database full of client information. It's 1.4 gigabytes of files that contain spreadsheets with customers' names, Social Security numbers, and banking details including investment portfolios. Most of the leaked info is related to clients of Wells Fargo Advisors, a subsidiary of the bank dealing with investments.
Sinderbrand estimates that he received data on nearly 50,000 clients. Since there wasn't a confidentiality agreement on the released information, Sinderbrand could legally file these documents in the lawsuit. This would make all of the data public information.
Sinderbrand told the "NY Times," "There are thousands of documents in here that the public should never see." He went on to say that if someone less scrupulous received the data they would have posted it online.
A spokesperson for Wells Fargo Advisors released the following statement, "Wells Fargo takes the security and privacy of our customers' information seriously. We are investigating this matter and will take the proper steps based on the outcome of our investigation."
This incident shows just how easy it is to have critical information fall into the wrong hands. It's not just cybercriminals that we need to worry about, it's also careless mistakes that can put our personal information at risk.
How to secure your bank account
- Create hack-proof passwords - Using a case-sensitive password isn't good enough these days. You need to be creative when coming up with passwords that will keep hackers out of your bank accounts. Click here to learn three proven formulas for creating hack-proof passwords.
- Set up two-factor authentication - Two-factor authentication, also known as two-step verification, means that to log in to your account, you need two ways to prove you are who you say you are. It's like the DMV asking for two forms of ID. Click here to learn how to set up two-factor authentication.
- Keep an eye on your bank accounts - You should be frequently checking your bank statements, looking for suspicious activity. If you see any transactions that you don't recognize, report it immediately.
- Have unique passwords - Many people make the mistake of using the same password for multiple sites. This is a terrible idea. If you're using the same password across multiple sites and one of them gets breached, the cybercriminal can use your credentials to get into the other sites. If you have too many account passwords to remember, consider using a password manager.
- Beware of phishing scams - Scammers will try and piggyback on incidents like this. They will create phishing emails, pretending to be the affected company, hoping to get victims to click on malicious links that could lead to more problems. Take our phishing IQ test to see if you can spot a fake email.