Last night news of yet another data breach came to my attention. This time it was Epslion, a Dallas, TX based permission marketer. By this morning already one of my credit card companies was notifying me to be on the lookout for spam emails that would fall into the category of Phishing attacks. Well, this makes two major breaches in the last month that are affecting me, after HealthNet and IBM lost some disc drives that have my financial, health and personal data. This time though Epsilon's intrusion meant more than one credit card or hotel, airline or shopping service's database, as for many of us Epsilon likely has us in their databases a few time.
A few months ago it was an Amex card. Before that a Visa or Mastercard, due to a payment processor being compromised. Before that, it was my bank card having been used possibly where the ATM machine or processing network had been compromised and before that it was where a duplicate AMEX card had been smuggled out of their facility matching mine, and was used to extract some cash from an ATM machine.
These occurances don't end up costing people money directly yet if we take the right precautions, but they do cost us time. And that's time we can never recover. When one of the card issuers told me I needed to change cards, we had to update all our direct payment accounts. That took someone in my office and I over 50 hours of actual work time. The issue wasn't money. It was the time lost in fixing something that never really should have become broken.
Security is only as good as the people who maintain it. Maybe it's time for a data insurance policy for individuals, not only identity theft, but for time lost. Sadly, I don't see any insurance company offering that policy.