Uber hack highlights urgency to keep information safe
When Doug Hoyes had his credit card information stolen, fraudsters used it to pay for three taxi rides in Toronto.
He wasn’t in that city, but discovered the charges while routinely checking his card transactions online and notified his bank, which cancelled the card.
Hoyes, a licensed insolvency trustee, says the incident illustrates the importance for individuals to keep a watchful eye on their statements in a world where financial information can be stolen in a myriad of ways.
“I realize that the bank will probably cover you anyways, so you’re not going to lose any money, but do you really want to wait until they’ve used up your credit limit and you’re trying to put gas in your car and you can’t because you’re over your limit?”
Earlier this week, ride-hailing company Uber came clean about a year-old hack that compromised the data of 57 million Uber riders. The information stolen included names, email addresses and mobile phone numbers. The number of Canadians affected was not immediately known.
News of the security breach comes just two months after Equifax Inc. said some 145 million consumers — including roughly 8,000 Canadians — had personal data, and in some cases credit card details, stolen by hackers in a massive data breach earlier this year.
The thefts were the latest in what has become a regular occurrence of hackers breaking into systems and stealing customer information.
While individual pieces of information like the email addresses and mobile phone numbers that were taken in the Uber theft may seem innocuous on their own, when thieves combine it with other information that may be available elsewhere, it can spell trouble.
But even if you weren’t affected by the Uber or Equifax data breaches — or any others so far — you need to be vigilant because hacks are going to happen, he added.
“If you weren’t impacted by this one, you probably will be impacted by the next one.”
If your information is hacked, you need to change your passwords and your PINs to something that is not easily guessed, advises Lynne Santerre, a spokeswoman for the Financial Consumer Agency of Canada.
Santerre added that if you’ve been compromised you should also contact the major credit bureaus and ask for a fraud alert to be placed on your file.
“That tells lenders to contact you before approving any application for credit in your name,” she said.
“So if anyone is trying to take out credit in your name, you’ll get a phone call and you’ll be able to confirm whether that application was yours.”
Hoyes noted that much of the job of securing your information online isn’t up to you, but rather the companies storing it. But, he added, there are still things you can do such as reviewing credit card transactions and cancelling any credit you don’t need.
Both Hoyes and Santerre recommend regularly checking your credit report with the two major agencies in Canada — Equifax and TransUnion.
Checking your credit report can tip you off if your information was stolen because you will see if there are any accounts you don’t know about that may have been opened fraudulently.
Hoyes also advised against giving out your social insurance number unless required because the more information that is out there, the more at risk you become.
If your card issuer offers you an alert service that sends you a message when your card is used, it can be a great way to keep an eye on charges. But, Hoyes added, it’s not enough to rely on the fraud protection systems at your bank.
“You’ve got to be in charge,” he said. “You’ve got to take responsibility here and be looking at these things on a regular basis.”