Money Matters

What To Do In The Event Of A Data Breach

1 Jul 2015 by: jhurley 

We thought we would share a piece written by financial writer, Miriam Rozen on what do in case of a data breach.

Karen Schaeffer’s clients were not as scared as she thought they should be. News that hackers had broken into a database of federal government employee information had put her on edge but her clients were taking it in stride.

“They weren’t really terrified,” says Schaeffer, a financial planner who has built her practice around advising federal employees.

But they had good reason to be alarmed. The database that had been compromised includes data on more than 4 million active federal government employees and retirees, including Social Security numbers, job assignments, performance ratings and security clearance applications, although it isn’t known yet precisely who was affected by the breach and what data was stolen. “We have to teach our clients to be more diligent,” declares Schaeffer, the managing member and co-founder of Schaeffer Financial, which is based in Rockville, Md., and has $140 million assets under management.

Given all the uncertainties, Schaeffer has begun working with her clients to monitor all their accounts for suspicious activity. She worries they may be too complacent, because most of them don’t think like the criminals and often fail to realize how vulnerable they may be. So she is teaching them what to check, following up to ensure that they did and, in her words, “giving them gold stars when they do.”

Other advisors, even those without federal employees and retirees as clients, may want to take note of her approach, given the rampant nature of the attacks aimed at stealing personal and financial data.


Whether your health care information was recently hacked, if you are a federal employee or retiree, use of your credit cards in merchant transactions or any personal information has been illegally obtained, or if you applied for participation in the TSA pre-check program, take a look at this partial to-do list for potential hacking victims, put together by Schaeffer:

  • Guard against phishers by not answering questions posed during unsolicited phone calls.
  • Withhold all personal information until verifying the legitimacy of the requestor.
  • Never click on links embedded in emails.
  • Review all bills closely to make sure that the charges are ones you actually incurred.
  • Consider instructing lenders to disallow additional lines of credit without in-person verification.
  • After obtaining your credit report, consider freezing your credit report at the three credit bureaus so that unauthorized individuals who want to steal your personal information to open erroneous accounts can’t do so.

Gerald Cannizzaro, who contributed to the list, agrees with Schaeffer’s view that potential hacker victims need encouragement to respond effectively. A former federal employee and partially retired financial planner in Reston, Va., Cannizzaro plans to tell his remaining clients that “The best thing people can do is monitor their credit cards.” He worries that government-issued cards will be particularly vulnerable.

Both Cannizzaro and Schaeffer are concerned that the hackers, or those who purchase the purloined data, may try and use it to blackmail the victims. “But we don’t know and there is nothing to act on now,” says Schaeffer.

The two financial advisors share an even more personal stake in the affair: They each received letters from the government informing them that their own data may have been compromised by the breach.

As a retired federal worker, Cannizzaro wasn’t surprised that he received the notice. But Schaeffer didn’t realize until she received the letter that her application to participate in the Transportation Safety Administration’s Pre-Check program, which makes it easier to get through airport security, meant that her data had been entered into the compromised database. “Just what I needed,” she says.

Miriam Rozen is a reporter for Texas Lawyer and interviewed several financial planners for this article.

CCMI provides personalized fee-only financial planning and investment management services to business owners, professionals, individuals and families in San Diego and throughout the country. CCMI has a team of CERTIFIED FINANCIAL PLANNERTM professionals who act as fiduciaries, which means our clients’ interests always come first.
How can we help you?

More by this Author
Below are additional articles written by this author.

As April is National Financial Literacy month, let’s look at how much we have learned since the Great Recession.  A recent survey completed by Wallethub.com…

by Bob Eddy, CFP ® For more than 42 years, Bob Eddy has assisted CCMI clients with a variety of their financial planning and investment…

by Peg Eddy, CFP ® Having been a CFP practitioner since 1983 and now on the cusp of my retirement, a look back on my…