THE LATEST EDITION

November 2018
M T W T F S S
« Oct    
 1234
567891011
12131415161718
19202122232425
2627282930  

Have you been hacked this month?

I’m assuming the majority of people are sitting smugly reading this thinking ‘of course I haven’t!’ You do everything you’re supposed to do, right? You’ve installed a firewall, you’ve got some anti-virus software, you never follow links in emails or open attachments from someone you don’t know or trust. Well, that’s all very commendable but unfortunately it isn’t you that’s been hacked. It’s your information stored by the companies you trust that’s been compromised.

Since the start of this year, globally, there have been 365 data loss incidents involving 126,727, 474 records. According to research by analyst house, Juniper Research, 90% of organisations have suffered data breaches in one form or another over the past 12 months. Testament to this is the number of household brands that have inadvertently divulged the information of hundreds of individuals:

– Epsilon’s mailing lists were breached which affected, amongst others, a number of UK brands including Marks & Spencer and Mothercare
– Sony Playstation had its systems hacked with the personal information of 77million gamers accessed.
– Numerous incidents by the NHS that holds millions of sensitive personal information records for almost every individual in the country
– RSA experienced a breach that has jeopardised the security of thousands of users of its physical two factor authentication tokens
– Travelodge is still holding its cards very close to its chest but it has confirmed that the email address of some of its customers have been sent spam messages.

We conservatively estimate that the average family’s personal information has been breached 10 times since June.

Organisations ask you to trust them to store your information. However, the stark reality is that all too often someone’s lax security controls allow a malicious person to gain entry to your personal records.

Too Little Too Late

Each time an organisation is breached we see them desperately trying to reassure customers that it’s all going to be okay. What organisations fail to grasp is that, each time your record is breached, organised cyber criminals are piecing together bits of information about you, your habits, and that of your family’s that together creates a complete picture.

What can be done with an email address? Well, a criminal could spoof you into responding to a phishing email purported to be from the bank you use or the store you shop at. If they have some further details about you, for example date of birth, children’s names etc. they may be able to ‘guess’ your password and access your account.

Take Back Control

Although you can’t personally go into every organisation and ask them how they protect your information you need to treat your personal information as you would any of your physical possessions in the real world. Here is a list of things you can do to prevent cyber-criminals capitalising on your personal information:

– Put a lock on the door by installing a firewall and make sure it is properly configured and up to date.
– Keep your operating system and browser patched and up to date.
– Install an alarm by using industry standard anti-virus software and make sure you install any updates.
– Restrict key holders by not sharing your password with anyone.
– Change your password regularly and make it hard to crack – but one you can remember without writing it on a post-it-note and sticking it to the screen!
– If you change your PC make sure you get the hard drive scrubbed.
– Be careful about the personal information you divulge when filling in registration forms. Ask yourself whether the organisation really needs that much information about you and, as importantly, can you trust them to keep it safe?
– Be careful what you tell strangers on social websites and in chat rooms.
– Question the validity of emails you receive and never click on an embedded link or down load attachments if you’re at all suspicious.
– If you have children, and allow them to use your PC to access the internet, make sure they know about online safety.
– If you are using your computer for work purposes and store sensitive data on it, get your employers to install 2 factor authentication, that’s something you know (like your own strong and made up password) and something you have like a -one-time” password which can be sent to you via an SMS message on any mobile device you own.

We’ve all got used to locking our front doors and keeping valuables out of sight. Until we can trust organisations to give our virtual possessions the same protection we need to take steps to protect ourselves.

www.securenvoy.com

Leave a Reply

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>