What are the chances your personal data will be exposed in a data breach?
Turns out, the probability is quite high.
According to CSIS research,
Two thirds of the people online have had their records stolen or compromised.
Here are some notable ones that could have affected you. Earlier in the year, EasyJet announced that the personal information of millions of customers was exposed in a data breach. The hacked information included full names, email addresses and travel data. The credit card details of over 2,200 people were also accessed.
With millions of people using Zoom during the pandemic, hackers capitalised on the situation by putting more than 500,000 Zoom account login details up for sale.
More recently, the personal information of over 235 million users of TikTok, Instagram and YouTube were exposed in a database leak. The exposed information contained full names and contact information.
How does a data breach affect you?
If a company or organisation you patronise is hacked, it’s important for you to take pro-active steps. It’s not advisable for you to dismiss the headline without taking action to find out the extent of the damage and protect yourself.
When hackers gain access to sensitive information like your name, email, address, phone number, bank or even medical information, the damage doesn’t stop there. In the wrong hands, your data could be used in these ways:
1. Gain access to non-compromised accounts: For example, if you use the same username and password for your email as your bank, the chances of hackers gaining access to your bank account is extremely high if your email is compromised.
2. Identity theft: With access to identifiable information like your name, birth date, address, phone number and email, hackers can easily use these details for their own personal gain. This information can be used to open new accounts, make purchases or commit criminal activities under your name.
3. Fraud: With knowledge of your personal details, hackers are also equipped to target you through sophisticated phishing attacks and social engineering. In other scenarios, they are able to target people you are associated with using the information they know about you.
To avoid these scenarios, below are some important steps for you to take if your personal information has been compromised in a data breach,
1. Contact the company to check if your information was affected
In most instances, the company should notify you about a data breach as soon as it happens. However, if you’ve heard about a data breach affecting a company or organisation you have dealings with, contact them directly via email or phone to confirm the breach.
A hack may only affect a subset of a company’s database or the entire list. Once the breach is confirmed, check if your account was affected and the type of information that was exposed. Figuring out what type of data was stolen will determine the next steps you take.
If the company is offering help to protect you, take the offer. Following the Equifax data breach in 2017, the credit agency offered free identity protection services and credit monitoring to people who filed claims.
2. Strengthen your online security
If your personal information has been compromised, you should change your login information and passwords immediately. This is especially important if you use the same details for different accounts. We strongly advise that you use a unique password for each account and there are plenty of free password managers to help you keep track of them. In addition, initiate multi-factor authentication across your accounts. This will give you an extra layer of protection if someone is trying to access your account.
Lastly, look out for notices of new password changes. It may be an indication that your account has been compromised.
3. Contact relevant authorities
If the data breach relates to your financial information or bank details, notify your bank immediately and place them on alert for fraudulent activities. Cancel your card if necessary and change your PIN number. Also, monitor your account for unusual transactions. Scammers often start off with small transactions then increase if there has been no detection.
In addition, register with the CIAS (fraud prevention service). This service can slow down any credit card applications since scammers often try and set up credit cards and mobile phone contracts in the victim’s name.
One of the benefits of the General Data Protection Regulation (GDPR) is the enhanced powers it has given consumers over their data. If your information has been compromised in a data breach, you can take your concerns to the Information Commissioner’s Office (ICO). Although the ICO cannot give compensation, they are able to investigate the company. If found liable for the breach, this can help you if you are pursuing a compensation claim. The ICO launched an investigation into Curry’s PC World and Dixons Travel following complaints from customers. As a result, the company was fined £500,000 for the data breach.
Kazient Privacy Experts offer bespoke Data Protection, Privacy and GDPR compliance solutions in a language you understand to UK and international organisations, and has received positive media coverage across Europe. Kazient’s GDPR consultants are fully certified to be your outsourced Data Protection Officer or EU Representative. Get in touch to find out how we can help your business by visiting our website www.kazient.co.uk or calling us on 0330 022 9009.