Data leaks, also referred to as data breaches, are becoming increasingly common as our daily lives become more virtual. A data breach is when someone gains access to protected digital information without permission to do so. This can happen through getting hacked, having your device stolen, using public WIFI, unknowingly downloading malware…there are many ways your data can be compromised. (This is different from a data loss, because the data is still in tact–it’s just that an unauthorized person can access it.)
You might have heard about data breaches in the news at some point. Large companies like Yahoo, Netflix, Marriott Hotels, Quora, GooglePlus, MyFitnessPal and many others have all suffered from data breaches in the last couple years.
How often do you use online tools, resources and accounts every single day? From Facebook to YouTube to Dropbox to email to making banking transactions, there are countless ways many of us rely on being connected.
With over a billion records exposed since 2005, it’s likely that you’ll eventually receive a notification to find that your data has been compromised and your personal information is at risk at some point (if you haven’t already).
Data thieves prey on both giant, global companies as well as small ones. Unfortunately, CNN reports that nearly 1 million pieces of malicious software are created every day! Plus, data can be accessed in multiple ways, including your desktop computer, smartphone or tablet. That means it’s hard for companies to stay on top of new threats because they’re always evolving.
So how do you protect your personal accounts and information from being compromised in a data breach?
• Set up alerts on your accounts when possible. Your bank account, credit cards and other financial accounts may be able to send you a notification when a purchase has been made that’s beyond a certain dollar amount. Credit card companies can help you with setting up fraud alerts as well, and freeze your accounts. This is a great way to be alerted if your account gets compromised and charges start being made.
• Create complex passwords. Remembering a long, complicated password can be inconvenient. But recovering from being hacked is even more inconvenient! Use different passwords for each account, and use combinations of lower-case and upper-case letters, numbers and symbols with 8 characters or more. To make it much easier, you can use a password manager to create and remember passwords for you.
• Use Multi-Factor Authentication (MFA) if possible. This is when you must verify your identity twice to access your account, such as with a username + password and a code that is sent to you via text that you must verify when you log in.
• Set your mobile device to be equipped with commands that deactivate your device if it is lost or stolen. Your phone provider likely has a service to encrypt and lock your device and wipe all data if it is lost or stolen.
• If you send sensitive data electronically, encrypt it using passwords. You can find encryption services online, or encryption features within your software to be able to secure emails, files, folders and so on.
What do you do to recover from a data breach?
If you receive a letter notifying you of a data breach that included your account, the first step is to take a breath, then thoroughly read the letter. The letter will explain what information was compromised, how the breach happened and how to learn more about the specific details.
Next, take these steps:
1. Contact your financial institutions. If they have a heads’ up, they can stay alert to suspicious activity.
2. Review your billing and account statements and your credit report. Keep a look out for any withdrawals–large or small–that you can’t verify.
3. Continue monitoring your accounts regularly. Staying alert is the best way to prevent further abuse.
4. Update your passwords. It’s a good practice to do this every couple months, anyway. Update all your passwords to block cyber criminals from accessing multiple accounts or information that can lead them to crack into your accounts.
Try a password manager. Password managers are software designed to help you create secure passwords and store them for you securely, so you don’t have to remember them but can still access all your accounts from your various devices.
Data breaches can lead to identity theft and other types of fraud that can be much more serious than you imagine. It can take time and effort to untangle the mess, depending on how severe it becomes. For that reason, it’s smart to know what to do after a data breach and take steps to prevent it as best as possible.
– Identity Theft Resource Center
– Federal Trade Commission