Personal Loss and Identity Theft
These types of harm encompass threats to an individual’s personal identity, such as identity theft, privacy breaches, or personal defamation, which we term as “Harm to the Person.”
ENTITY
3 - Other
INTENT
3 - Other
TIMING
3 - Other
Risk ID
mit707
Domain lineage
2. Privacy & Security
2.1 > Compromise of privacy by leaking or correctly inferring sensitive information
Mitigation strategy
1. Implement Robust Access Control Mechanisms: Mandate the use of multi-factor authentication (MFA) and require complex, unique passwords (minimum 14 characters, incorporating letters, numbers, and symbols) for all sensitive accounts to fortify against unauthorized access and credential compromise. 2. Strictly Control and Secure Personally Identifiable Information (PII): Employ physical and digital controls, such as cross-shredding all documents containing PII (e.g., bank statements, credit offers) before disposal, and refrain from carrying physical identity documents (e.g., Social Security card) unnecessarily. 3. Adhere to Secure Digital Interaction Protocols: Exercise extreme caution regarding unsolicited communication (phishing/social engineering) requesting PII, and conduct all sensitive online transactions exclusively over secure, encrypted network connections, as verified by an 'https' protocol and visible security indicators.