Caught in data breach, what do you do next?
Every month we hear about big companies having been hacked and our data being taken by cyber criminals, but what does it mean for us as individuals and what should we do about it? A data breach is when cyber criminals gain unauthorised access to a computer system or network and steal the private, personal and financial data of the customers or users. A quick glance at some of biggest breaches ever just how big a problem this is:
Company Number of Users Data Exposed
Yahoo 3 billion
Marriot 500 million
Myspace 360 million
Equifax 145 million
eBay 145 million
LinkedIn 117 million
The cyber criminals want to steal names, email addresses, usernames, passwords and credit card numbers. This data is either sold on to other criminals looking to steal your identity, breach other accounts or make fraudulent purchases at your expense.
Even if you have never used any of the above sites there have been thousands of other breaches and its worth checking to see if you have been breached, you can do this by checking your email address on our website. I know it counter intuitive to enter your email on a site when you are continuously told to keep your data private, however this is our website, we don’t store your email address and its more important to know if your passwords etc have been breached.
One of the scary things about these breaches is that, according the Ponemon Institute, the average breach goes undiscovered for 197 days, and then takes 69 days to repair. Some people shrug off the breeches because the passwords are encrypted, which is true, however they are almost always encrypted using the same method and while the most popular passwords for 5 years running have been “123456” and “password” its not been difficult for the criminals to crack the code. So, there’s our first lesson, use strong passwords, see our guide.
So, what should I do when my data has been stolen?
- Reset your password – for both the compromised account and other account that you have used the password for. Therefore, we recommend using a password manager to keep all your different passwords safe, this also has the added benefit that it won’t unlock fake sites
- Regularly – check your bank and credit card accounts for suspicious activity. If you find any contact the bank or credit card company immediately using the number on the back of the card
- Be extra vigilant – for phishing emails as opportunistic cyber criminals send out millions of phishing emails when there is a major data breach trying to con the unwary into logging into a fake site so they can steal your details
- Enable 2-factor authorisation – on any online account where it is available. Although having to enter a code from a text message or email may be momentarily inconvenient it sure beats being scammed!
- Still Unsure? – Call Reassura 0800 888 6400 and one of our fraud advisor’s will help you to stay safe
The first stage of keeping safe from data breaches is knowing if you have already been part of one, so check using our website. If you have been please follow the steps above and stay safe.