x

News

Data breaches and identity theft – are you sure you’re secure?

When you hear the term “data breach” do you automatically think cyber-attack? It would be a reasonable reaction if you did, given the growing risk that UK businesses face from cyber-crime and malicious hacking.

However, a data breach can occur through negligence, malicious intent or by mistake and is defined as an event that exposes confidential, sensitive, or protected information to an unauthorised person. The files in a data breach are viewed or shared deliberately or unintentionally without permission. 

Between 2017 and 2018 major data breaches occurred at Facebook, Snapchat, LinkedIn, Cisco, Oracle, Equifax, Deloitte, MyFitnessPal, Google Plus, and British Airways, among others. These are big, international companies with massive IT infrastructure to deal with malicious attempts to gain access to their networks and data. Yet, they all experienced serious data breaches. That’s because cyber-security is only as strong as its weakest link, and all too often, it’s human error, wrongdoing or carelessness that leads to its failure. 

This list of BBC articles demonstrates just how frequent and widespread the problem is and how data breaches are affecting customers, businesses and communities globally. 

Don't get caught by phishing

As computer operating systems, firewalls and email providers beef up their defences, so the cyber-criminal is having to find other means to access computer networks and their data, and one of the most successful ways they’ve found to do this is through social engineering or 'phishing'. 

To put it simply, ‘phishing’ is when a fraudulent email or website is deployed to trick an individual into disclosing personal or confidential information such as bank details, passwords or credit card numbers. While it’s hardly a new phenomenon, what’s changed is the level of sophistication involved. Phishing emails are becoming that much harder to spot, so you need to be vigilant and make sure that the email or website you’re looking at is genuine, even when it appears to belong to a trusted or familiar source.

Be aware of what you share on social media

Many of us who use Facebook and other social-networking sites will have come across games, quizzes and seemingly harmless surveys that ask participants to answer sharable questions, ranging from the name of your first pet to the street where you grew up. Some people see these quizzes as just a bit of fun – but stop and think about the personal information you may be giving away without realising. How often have you used a pet name, for example, as an answer to an online security question? 

So, be mindful of what you share on social media, particularly when it comes to free online games as these might be identity theft scams; and remember your privacy settings – avoid your personal data getting into the public domain.

When you’re out and about

You should take extra care when you’re connecting to public wireless hot spots because that ‘Free Wi-Fi’ at the airport, hotel or coffee shop may not be very secure. Worse, it may already be compromised and expose you to a ‘man-in-the-middle attack’. This is where a hacker (who might be located nearby) gains access to the unsecured or poorly secured Wi-Fi router so that they can intercept and read your transmitted data, including your log-in credentials, banking information, and any other personal information being shared with the websites you’re visiting. You could also have your files stolen and end up with your laptop being infected by malware. 

So, if you are going to use public Wi-Fi then consider installing a VPN service on your smart device or laptop to shield your online activity from snoopers and identity thieves. 

To see just how easy it is to access someone’s personal data through an unsecured internet connection, watch this video.

Get smart with your smartphone

Nearly half a million smartphones were stolen in the UK last year. That's a sobering statistic when you consider how smartphones and other smart devices have become such an integral part of our daily lives, especially at work, over the past decade. And, as more and more of us use our smartphones to access work emails and other confidential documents remotely, so the risk of a significant data breach increases if we fail to take the appropriate precautions.

So, to stay safe consider taking the following steps to ensure your smart phone is secure:

  • Make sure your phone is protected by a password, thumbprint or PIN (and don’t set a PIN that's easy to crack like 1234)
  • Encrypt your phone’s data – you can do this in the phone’s security settings
  • Take care when downloading apps that they are from a trusted source and don’t pose a security risk
  • Set up ‘find my iPhone’ or ‘locate my mobile’ or a similar feature so you can find your phone if it’s lost or stolen
  • Enable the ‘lock and erase’ feature so you can secure and wipe your phone if it’s lost or stolen to prevent its contents being compromised
  • Install and enable a VPN on your phone if you plan to use a public or unsecured Wi-Fi connection.
Are you using other smart devices?

You should also ensure that any other portable smart devices you use are similarly enabled, such as iPads, tablets, notebooks and PCs, and that they have up-to-date malware and antivirus software running, as well as two-factor authentication.

Don’t become a cyber-crime statistic

The International Data Corporation is predicting that 25% of the world’s population will be affected by a data breach by 2020. That’s a staggering statistic. And, with the number of data breaches increasing every year, this is a phenomenon that’s bound to affect us all at some point. So, don’t become another cyber-crime statistic. Stay aware of the risks and pitfalls when you go online and take measures now to keep your data secure.

 

Back