Anxiety, depression and PTSD: The hidden epidemic of data breaches and cyber crimes
After a restorative getaway last July – a week in Stockholm, another exploring Norway’s fjords and a picturesque hike deep into the peaceful wilds of western Sweden’s forests – Christopher Lane returned home to his Chicago condo and an overflowing mailbox.
A nondescript envelope stamped “Important Update – Open Immediately” caught his attention. Inside was an alarming notice that his medical and financial information had been stolen.
“As the news sank in, I felt dizzy with shock,” said Lane, 53, a professor of English and the medical humanities at Northwestern University.
Details of the data breach were scarce. The company had filed for bankruptcy. Advice from a helpline was “next to useless,” Lane says. He had no way of knowing how much of his data had been compromised or what the consequences would be.
Lane channeled his helplessness and frustration into Side Effects, his mental health and public health blog at Psychology Today, to help others in similar predicaments and raise awareness.
As breach after breach exposes the vulnerability of systems that are supposed to guard our private information, Lane’s experience has become distressingly common. So have his feelings about it.
Think of it as a hidden but growing epidemic.
Mental health professionals say data breaches and other cyber crimes are increasingly taking a heavy psychological toll on the millions of Americans whose personal information is plundered by fraudsters.
It’s not just the nightmarish process of clearing your name and credit history or the struggle to get credit or loans, housing, employment or medical services after a breach. Victims wrestle with feelings of powerlessness and vulnerability. Their sleep can be disrupted, energy levels decrease. They self-medicate with alcohol, drugs or food. For some, the aftereffects are more severe: bouts of depression and anxiety, even post-traumatic stress disorder.
“With every exposure you have to it, with every reminder, you get retraumatized,” says Stanford University psychiatry professor Elias Aboujaoude, author of Virtually You: The Dangerous Powers of the E-Personality.
In extreme cases, data theft can wreck lives. Resignations, divorces and suicides followed the release of stolen information – names, addresses, phone numbers and birth dates and details of credit card transactions – from Ashley Madison, a popular dating website marketed to adulterers.
“Depending on who the attackers and the victims are, the psychological effects of cyber attacks may even rival those of traditional terrorism,” says Dr. Maria Bada, research associate at the Cambridge Cybercrime Centre at the University of Cambridge.
Next week, San Francisco psychiatrist Ryan Louie is leading a session at the RSA Conference, the world’s largest gathering of security experts, on “#Psybersecurity: Mental Health Impact of Cyberattacks.”
“We’re just at the tip of the iceberg right now,” Louie says. “Everyone is going to begin realizing that these cyber attacks, which are getting more and more technically complex and more and more damaging, are affecting people’s way of thinking, their feelings and their emotions.”
Victims report feeling frustrated and helpless
Much of the emotional fallout from cyber crimes is anecdotal, but researchers have begun to study it.
According to a recent survey by the nonprofit Identity Theft Resource Center, 86% of victims of identity theft reported feeling worried, angry and frustrated.
Nearly 70% felt they could not trust others and they felt unsafe. More than two-thirds reported feelings of powerlessness or helplessness. Sadness or depression afflicted 59%. Half of the victims reported losing interest in activities or hobbies they once enjoyed.
These negative emotions can have physical repercussions. Nearly 85% reported disturbances in their sleep habits, 77% reported increased stress levels and nearly 64% said they had trouble concentrating. Aches, pains, headaches and cramps were symptoms for nearly 57%.
Consumers aren’t the only ones in harm’s way. On the front lines of a high-stress occupation, cybersecurity professionals shoulder the weighty responsibility of protecting other people’s data. Louie says these professionals frequently describe being in a constant state of high alert. Even when they clock out, they feel incapable of “turning off.” Guilt and shame are common reactions to data thefts that occur on their watch.
In recent years, awareness of the mental health impact of cyber crime has shot up in tandem with the rising number of incidents, says crisis management professional Terri Howard, senior director at FEI Workforce Resilience in Milwaukee which provides support to companies and their employees after crises such as workplace shootings and natural disasters.
Psychological toll increasing with cyber attacks
After the Target data breach in 2013, calls about cyber attacks escalated, Howard says. Hotlines her company set up through the employee assistance program buzzed constantly.
FEI Workforce Resilience found itself administering what Howard calls “psychological first-aid” to shell-shocked and stressed-out employees whose information had been nabbed. For these employees, the threat of the stolen data being exploited was sometimes just as traumatic as the reality of it happening, she says. Employees were referred to short-term counseling to help them cope, whether they were just rattled by the breach or were overwhelmed unwinding the damage.
“Unfortunately these types of incidents when they happen to some people can cause secondary trauma,” Howard says. “They may think about another time when they were violated, so it gets compounded.”
In the midst of crisis, Amy Krebs found a novel way to cope. She started a blog on identity theft.
Armed with her social security number and maiden name, the identity thief who went after Krebs in 2013 opened up more than 50 accounts. Hundreds of hours went into unraveling the mess.
The “nightmare spreadsheet” she created to document each new incident has 500 entries. “There wasn’t enough time in the day,” says Krebs, 41, who skipped dinners or movies out, unable to take a break for an hour or two as her imposter opened account after account.
The relentless calls from collection companies grated. Krebs had always been prompt with payments and cautious in her finances…….Read More>>