Passports compromised in the Marriott breach could lead to fraud

Personal Finance

One of the worst-case scenarios would be someone forging a passport with your number, leading to criminal identity theft. That risk is likely low, said David Kennedy, chief executive of TrustedSec, a white hat hacking and cybercrime investigations company.

“To replicate a passport takes a lot of effort,” Kennedy said. “I wouldn’t necessarily consider your passport compromised.”

Nor are breached passport details necessarily as dangerous as having your physical passport go MIA.

“There’s not much that can be done with a passport number alone, as long as you have the actual passport in your possession,” said Paul Stephens, director of policy and advocacy for the Privacy Rights Clearinghouse.

More from Personal Finance:
On the IRS naughty list: You failed to withhold enough pay for taxes in 2018
7 steps to start paying back your student loans
Online lending hasn’t removed discrimination, study finds

Concerned consumers should reach out to the State Department to determine next steps, which might entail reporting that passport as lost or stolen, Velasquez said. Renewing your passport would also result in a new number, Kennedy said.

In an emailed statement to CNBC, the State Department said that it was aware that some individuals’ passport numbers may have been disclosed in the Marriott breach, but that compromised passport numbers could not be used by the thieves for travel or to access any State Department records on that citizen.

“With respect to U.S. passports, we would like to assure U.S. citizens that the U.S. passport book and passport card are highly secure documents with numerous security features designed to prevent successful counterfeiting,” the State Department said, in a statement.

The bigger risk for consumers is that combined with other data — including many of the other elements compromised in the Marriott/Starwood breach — having that passport number helps criminals build a profile of you that could be used to perpetuate other kinds of fraud, Stephens said.

Those credentials could be used to verify your identity to open new accounts online, or gain access to existing ones. All the more reason to take steps such as enacting two-factor authentication and setting up unusual transaction alerts on existing accounts, and freezing your credit to prevent new accounts from being opened.

“Really monitoring your credit is going to be important,” Kennedy said.

Source link

Products You May Like

Articles You May Like

How to be a better ally for your black coworkers
Why I now refuse to ask ‘Tell me about yourself’—after 20 years of interviewing
Advice for high school grads in virtual commencement
Twitter users raise millions for bail funds for George Floyd protesters
Americans may get to change their health benefits—here’s what to know

Leave a Reply

Your email address will not be published. Required fields are marked *