Data breaches in 2017

Next story
Olivia Storey

2016 saw a huge host of data breaches and sadly, it doesn’t look like it is slowing down for 2017.

With breaches in big companies such as Association of British Travel Agents, ESEA, Cellebrite, Supercell, Freedom Hosting II, PlayStation & Xbox forums, and Wishbone, why aren’t organisations being more vigilant on security for their customer’s details?

Mark James, ESET Security Specialist, talks about looking after your own data, the risks of using personal details online and how to be more safety savvy to avoid attempted theft and fraud.

“Sadly data breaches are on the rise, and they happen so often these days we could be forgiven for missing them in the news, or not taking enough notice because they have only affected X hundred thousand customers.

“Malware is being written, modified and adapted to do all sorts of tasks. Some breaches are opportunistic; it may be a lucky hit from malware doing the rounds, or it may be the result of a targeted attack through a sophisticated phishing scam designed to gain access to internal systems and wreak havoc from inside.

“If we want to use services supplied by others, whether it’s watching a film or borrowing money, we have to trust the company involved.

“We give them our details, they tell us how they value us as a customer and we get the goods - what more can we do?

“In theory nothing. We have to take them at their word, as we have no direct control over how they store our data, what measures are in place to protect our data, when or if it should end up in the wrong hands.

“All data has a value, the most common data found on the internet is usually the data we cannot change: names, dates of birth, addresses and phone numbers all of which can be used to phish for more data or attempt identify fraud or theft.

“Our financial records of course are a little different, and this data may be used to directly target your money.

“If enough data is obtained it may be possible to steal funds directly from your account or in some cases make changes to your account that could enable the attacker to pretty much do as they please.

“Of course in most cases we can get the money back, but it’s the inconvenience of having cards and accounts changed or even frozen while that’s happening.

“If you find yourself concerned or even the victim of a data breach you should contact your bank immediately, change any passwords for internet or mobile banking and be extra careful when contacted via email or indeed any kind of messaging process.

“Another precaution is to ensure you validate who you are talking too, if you’re not 100% sure of the person you’re talking too, be polite, hang up and contact them yourself through an alternate method, like mobile phone or if possible in person.

“Your banks understand the pressure of scammers and they want you to be safe so you should not be penalised for taking extra precautions and in most cases they should encourage it.”

 

Ever received a phishing email or phone call? Let us know on Twitter @ESETUK.

 

Join the ESET UK LinkedIn Group and stay up to date with the blog. If you are interested in seeing where ESET has been featured in the news then check out our ‘In the news’ section.