Identity Theft: The Aftermath of Compromised Information
The NJCCIC has received reports of threat actors attempting to commit identity theft using compromised personally identifiable information (PII). PII is unique information that describes and identifies a person, such as Social Security numbers, dates of birth, and addresses. PII may be compromised via cyber-attacks or data breaches and sold for use in identity theft schemes and other criminal activity. The NJCCIC advises users who suspect they have fallen victim to identity theft review the Federal Trade Commission website, the USA[.]gov website, and the New Jersey State Police website for information on identity theft services; and notify appropriate parties, banks, and credit card companies of fraudulent activity. All users are encouraged to consider placing a freeze on their credit profiles with the major credit bureaus, particularly if their PII has been exposed in a data breach. This free and proactive option prevents anyone – including a criminal – from opening an account using the individual’s information. Users may temporarily lift credit freezes when legitimately opening new credit accounts. Users can report identity theft cases to the FTC at IdentityTheft[.]gov and incidents to the NJCCIC via the Cyber Incident Report Form.