It’s getting confusing. Originally, this post was to let our members know that their accounts were not vulnerable to the recently discovered “Shellshock” Bash bug.  Neither standard nor mobile access accounts are affected.  Good news.

Except that yesterday, it was revealed that a data hack of JP Morgan Chase bank compromised 75 million personal accounts.  Bad news.

According to Fortune Magazine, the “data breach affected customers who used the bank’s Chase.com and JPMorganOnline websites, as well as the Chase and J.P. Morgan mobile apps. While the breach may have compromised users’ contact information – such as names, address, phone number, e-mail, etc. – the bank says ‘“there is no evidence”’ that customers’ financial information was stolen.”  So, says JP Morgan Chase—the largest U.S. Bank by assets—hackers did NOT get credit card numbers and passwords, just names addresses and emails.  Good news?  Not really.

Hackers can do a lot of things with just your contact information.  Increased spam and phishing emails, especially seeming to come from someone you know and trust, are just part of the problem. Open an email from someone (you think) you know, click on an innocuous looking link, and now the malware just installed on your computer or smart phone provides hackers access to all your data.

Adam Levin, chairman and cofounder of Credit.com warns about increased vishing (phishing phone calls) as well.  They’ll call you and claim to be from your bank (they just need your account number and routing information), the IRS (just confirm your Social Security number) or even Microsoft (just let them log into your PC remotely) to try to gain access to your personal or financial information or even install malware on your devices.

“But all these techniques require one thing: that consumers fall for it! They require you to let your guard down, assume your spam filter will catch it, be distracted when so-and-so from ‘your bank’ calls worried about your account security, or wondering who would text you a link to something and what it could all mean. They require you to think that Target’s offer of free credit monitoring is all you need to protect yourself, that a hacker having your email address isn’t a big deal, and that once your credit card is replaced, you need not closely monitor your accounts after that.”

That’s the complicated part.  You have to pay attention.

We are lulled into a daily routine of sharing information about ourselves. We share likes on Facebook, photos on Snapchat, and tweet things randomly without much forethought.  We agree to terms we don’t read on iTunes and the Play Store.  So, when the fraudulent email or call pops up, it can appear to be just another day in the data park.  Bad news.

The good news?  We have more control than we realize over our personal information.  The first step to protecting it is to realize how valuable it really is.