How to Protect PII

Personally identifiable information, or PII, is especially valuable to hackers. Here's how to make sure they don't get their hands on it.
By Aaron Weiss  |  Posted May 15, 2014
 
Because many modern security systems rely on users’ personal information, also known as PII, or personally identifiable information, a data breach can potentially weaken your security posture not just in a single context, but in all contexts.
Stefan Frei, Ph.D., research vice president at security research firm NSS Labs , and Bob Walder, NSS Labs' president and chief research officer, address the PII issue in a recent security brief called "Why Your Data Breach is My Problem." They say that each security breach which leaks PII data has a cumulative weakening effect on users’ personal security in aggregate. In other words, when Sony’s PlayStation network suffered a data breach in April 2011 – leaking PII data from some 77 million individuals – users’ loss of personal security was not limited to their use of the PlayStation.
That data, and data from the Target breach in late 2013 and other breaches, feeds into a vast pool of PII data in which the criminal underground horse-trades and aggregates.
With so much PII data floating around, details can easily be cross-correlated, helping criminals quickly put together accurate identity profiles. With just a few pieces of "secret" personal information, thieves can potentially gain access to online accounts and even financial accounts through identity theft.
 
Full Article