When you cast aside that old phone, be sure you completely rid it of your old information, including bank account passwords, personal e-mail and private photographs. All too often, smart phone users don’t properly erase the data on their old phones, even if the data is sensitive. And if that phone falls into the wrong hands, you could become the victim of identity theft.

And don’t count on a reseller or nonprofit to clean up your phone. Many of these don’t know how, don’t have the time or just plain don’t care. So your information is still on the phone once it has been resold or donated to someone else.

Smart phones have two stores of memory: a SIM card and the internal memory. Some also have removable SD Card media. You can remove the cards, but you can’t remove the internal memory. You can, however, wipe it clean.

Always wipe your phone clean yourself before you sell or donate it. Every phone has a different process; check your owner’s manual. Most models allow you to restore factory settings through the phone’s menu, and many will require you to enter your phone’s password once or many times over. To restore the phone correctly, check the manual, or do a Google search for step-by-step instructions.

It should be noted that your information may still be recoverable from your phone, if someone really knows what he’s doing. So the best way to get rid of it is to get rid of the phone – take the phone apart and go at it with a hammer to break the memory chip into pieces. Not exactly eco-friendly, but it’s truly the only way to be sure your data won’t fall into the wrong hands.

Unfortunately, you can’t prevent a data breach. You can withhold and protect your personal information most of the time, but sometimes you have to provide it. So what do you do if you learn there’s a data breach? You can use these five tips to protect yourself.

1. Contact the organization that suffered the breach. There should be a hotline set up and manned with company employees who can answer your questions, first about what protect the company plans to provide and second, to what extent your information is at risk.

2. If your bank or credit card accounts are affected, contact the bank or card issuer and close the appropriate accounts.

3. Monitor your credit card and bank accounts and statements closely, watching for any questionable or fraudulent information.

4. Place a fraud alert on you credit report with all three credit reporting bureaus. This way, if someone tries to open a new account using your information, you will be contacted for verification.

5. If the company that’s reported the breach offers a free credit monitoring service to help, take them up on their offer. It’s become common practice for companies that have suffered breaches to offer one year of credit monitoring to affected customers.

As previously stated, you can’t prevent a data breach. But you can make it harder for a criminal to use your information. Get proactive today.

Seventy-seven million people have been affected by the breach, and experts are calling it the largest data breach in history. Personal data from those individuals was exposed, including possibly credit card numbers.

Sony has announced that its credit card data is encrypted, but The New York Times has reported that researchers have already spotted credit card numbers associated with the breach for sale in online criminal forums.

The phishing scams would involve criminals sending highly-customized e-mails or postal letters, or even phone calls, that appear to be from Sony. The communication would request more sensitive information, like credit card or Social Security numbers.

Sony has urged customers to be aware of these scams, and officials have said the company will not contact customers in any way, asking for credit card numbers, Social Security numbers or any other personal information. If you receive such a request, Sony officials say, you can be assured it’s a scam and not from Sony.

The FBI is currently investigating the breach.

While the investigation is underway and in the coming months, if you are affected by this breach, you should be sure to check your bank and credit card statements carefully. You will also want to get a copy of your credit report. Review all of these documents thoroughly, looking for questionable or fraudulent entries.

You should also change all your passwords. Do not respond to any communication that appears to be about Sony. If you receive an e-mail, telephone call or letter, and you’re not sure, contact Sony directly to verify the communication’s origin. Should you receive an e-mail that contains a link, do not click on it. Doing so could engage malware, which can steal your personal information without you even knowing it.

Albert Gonzalez, 28, is accused of helping to steal 130 million credit and debit card numbers in a corporate data breach involving three different corporations. The numbers were stolen from Princeton-based Heartland Payment Systems, 7-Eleven, Inc., and Hannaford Brothers Company.

Gonzalez and his partners used a sophisticated hacking technique called an “SQL injection,” which seeks to exploit computer networks by finding a way around the network’s firewall to steal card information.

The case indictment states that Gonzalez and his partners, beginning in October 2006, would seek out Fortune 500 companies and attempt to identify potential vulnerabilities in their computer systems. They would then upload the information to servers used as hacking platforms. Once the information was discovered, it was stolen and placed onto servers around the world, controlled by the suspects.

Gonzalez, also known as “soupnazi,” and his partners would seek to sell the data to others, and also used it to make fraudulent purchases, unauthorized withdrawals from banks, and other identity theft schemes.

If convicted, Gonzalez could face up to 20 years in prison on a charge of wire fraud conspiracy, and an additional five years on the conspiracy charge.

Heartland Systems announced a suspected breach in January 2009, but denied the compromise of any merchant data, Social Security numbers, PIN numbers or addresses. At the time of the intrusion, Heartland was responsible for processing 100 million payments for at least 250,000 businesses each month.

Walgreen said hackers who gained access to a list of customer e-mail addresses may have sent spam directing customers to enter personal data into outside Web sites, while McDonald’s said private information that customers supplied when signing up for online promotions or subscriptions was exposed when subcontractor improperly handled the data.

Twitter announced that hackers broke into an unspecified number of its users accounts and sent spam promoting acai berry drinks. A Twitter spokesman said hackers used passwords harvested in an earlier breach at Gawker Media, which runs Gawker, Gizmodo and other technology and media sites. Gawker warned subscribers Sunday that its database had been hacked and urged them to change their passwords. Twitter reset passwords it suspected were compromised, but said only a small share of its 175 million users were affected, although the number was undetermined.

Walgreen would not say how many customers were affected, but told customers that no personal information beyond e-mail addresses was exposed. Prescription information was not at risk, the statement said.

The breaches highlighted the danger in using a single password for multiple online accounts.

Attacks on sites like Twitter and Facebook are becoming more popular because criminals can make spam look as though it were sent by friends or a trusted merchant.

Be sure to change your passwords often, and make them difficult to figure out. You should also have different passwords for each online account.

And if you receive unsolicited e-mails, do not open the links contained within them, even if you think they could be legitimate. Verify the source first.

The data was gathered through various customer promotions and includes users’ ages, contact information like addresses and mobile numbers, and general preferences. But the statement also said McDonald’s does not collect sensitive information such as Social Security information or credit card numbers online or through e-mail.

The company hired Arc Worldwide to develop and coordinate the distribution of promotional e-mails. Arc hired an e-mail service prover, a standard business practice, to supervise and manage the database.

That provider had advised that its computer systems were recently accessed by an unauthorized third party, and that information, along with information consumers provided to McDonald’s, may have been accessed by that third party.

Law enforcement have been notified and an investigation is already underway. Customers are warned that they may receive e-mails that are aimed at phishing attempts, and consumers should be leery of those e-mails.

If you are contacted by someone claiming to be from McDonald’s and asking for personal or financial information, don’t respond to the e-mail.

The same is true, generally speaking, of any unsolicited e-mail. Don’t open them. If you do, do not click on any embedded links contained within the e-mail. If you have opened e-mailed links, it would be prudent to change your passwords immediately.

Better safe than sorry.

In addition, only 17 percent of respondents working for medical practices said they were likely to report an incident of medical identity theft, compared to 38 percent of those working in a hospital.

The report, published last week, included the responses of 272 information technology and security professionals at hospitals and medical practices about their readiness for risks and security challenges they face as health care organizations increasingly use digitized medical records.

The survey also showed that 75 percent of all respondents said they perform a risk assessment at their respective organizations.

Further highlights of the report include:

• Hospital workers are more likely to report they had a chief security officer or chief information security officer in place, compared to those in a medical practice.

• More than half of those participating in the survey who worked at hospitals reported using two or more types of controls to manage data access, compared to 40 percent from medical practices.

• Almost all of the respondents reported their organization actively works to determine the cause of security breaches. while two-thirds said they have a plan in place to respond to this type of threat.

• About 85 percent of respondents said their organizations share patient data in an electronic format.

• Mobile device encryption, e-mail encryption and single sing-on were the most frequently identified elements not currently being used at hospitals and medical practices, but were planned for future implementation.

Most people upgrade their cell phones, on average, about every 18 months, but when you get rid of your old cell phone, make sure you strip it of all your personal information. Make sure this is done before you resell, recycle or donate your old phone.

To strip the information, remember that just hitting the delete button is not enough. You might not be able to see it, but your personal data could still be on your device. You will need to take some extra steps to wipe it clean. Remove your phone’s SIM card. A lot of your information is stored there. But don’t stop with the card removal.

Many smart phones now contain an additional memory card so that you can load up on apps, pictures and videos. You should remove that card as well.

Don’t forget about your phone’s internal memory. To make sure your information is completely gone, you’ll need to wipe the internal memory clean as well. Many phones have a reset option that will completely delete all the data off of the phone. You can check your manual or research online for directions. Just make sure you back up anything you wish to save, because once you hit that button, it’s gone for good.

Some companies that resell old phones say they erase all old data before reselling the phone. Check to be sure and find out what the process is before you sell your phone. And before you think of donating, find out whether the recipient will wipe your phone clean before giving it to another user.

But the only way to be sure your phone is clean is to wipe it clean yourself – and the sooner the better.

The phony debt collectors are impersonating debt collectors who use very aggressive tactics to scare the consumer into paying the alleged debt. They accuse the victim of defaulting on the debt and may even claim the victim is going to be sued or to jail if payment isn’t made. These thieves tell the consumer he must wire money or provide bank account information to avoid a nasty legal mess. In many cases, the vicim is subjected to dozens of nasty, abusive phone calls in a matter of hours.

Just as disturbing is the amount of information the callers have about their victims, which often includes Social Security numbers, home addresses, information about employers, credit references and old bank account numbers.

Victims are asked to verify any or all of the information, which gives the caller reassurance that he has the correct information to scam the victim.

Data breaches are the likely source of the information.

If you receive one of these kinds of calls, do not provide any verifying information. Either hang up or demand that the debt collector send verification of the debt in writing. Under federal law, debt collectors are required to send consumers a written notice within five days of the initial contact. Immediately following the call you should place an alert on your credit report. You should also monitor your credit report, bank accounts and credit card statements for any unauthorized activity.

To be sure your information is safe, call LifeLock. LifeLock will monitor for credit and non-credit related threats to your personal information. You’ll be notified if any threats are found, and LifeLock will take action to stop the activity before any damage can be done.

Receive 30 days free and get a 10 percent discount on enrollment with the LifeLock Promo Code “Defense.”