fbpx
Contact Us

How Cyber Criminals Get Our Personal Data

Go Back

Cyber criminals can get hold of our personal via a number of means, including;

  • Direct From Us - either via phishing emails (fake emails) or social media messaging we might be tricked into handing over our bank details or sensitive information when a criminal is impersonating one of our family or friends. We may also enter it into a dodgy website and inadvertently send it direct to the criminals!
  • Personal Security Breach - our devices are compromised by a computer virus (malware) and data is stolen, without our knowing, direct from our own devices.
  • Company Data Breaches - companies have to store our personal data in order to provide us with a service. Unfortunately, most companies do not have the funding, skills or appetite to have sufficient security to prevent our personal data being stolen by hackers or lost by careless employees. With these data breaches escalating, in this article we explore how this happens and what we can do about it.

 

Companies Losing Our Personal Data

It is unfortunate that failings in security within the companies we use every day, often household names, enable cyber crooks to commit identity theft against us. These kinds of breaches are happening all the time and some are on a colossal scale...

  • Instagram in 2017 got hacked and lost 6 million records containing personal information of their users.
  • Even more worryingly, Equifax who is one of the three credit reference agencies, had 143 million US customers’ data stolen in early 2018.
  • Adult Friend Finder had 412 million stolen in 2016
  • DailyMotion 85.2 million
  • Ebay 145 million
  • Sony 77 million
  • Target Stores 500 million
  • The list goes on....

 

 

Often Companies Never Find Out They've Been Hacked

These are only the data breaches that companies know about and have publicly confessed to. Many industries don’t require data breaches to be formally disclosed and most companies quite frankly don’t have the monitoring and detective capabilities to even know when they have been breached. I know – I’ve worked in them. Symantec in their latest Internet Security Threat Report, suggest it is now an accepted practice for businesses not to disclose breaches at all.

They report that whilst the number of disclosed breaches increased last year by 23%, the number of those undisclosed rose even more by 85%! This situation should be helped by the introduction of the General Data Protection Regulation (GDPR) which came into effect for all European countries (including a Brexit Britain) on 25th May 2018.

Example: Ashley Madison

To demonstrate how easily accessible some companies often make our sensitive information, let’s take the example of dating website Ashley Madison. In July 2015, a hacking group called the ‘Impact Team’ attacked the Ashley Madison website accusing them of unethical business practices (the website provides a dating platform for people looking to have an affair). It actively encourages adultery and even once marketed “Life is short…have an affair!” If the website wasn’t shut down, the hackers threatened to release millions of personal details of those who had registered (and by deduction, the vast majority having or at least looking for an affair).

Ashley Madison didn’t relent to the blackmail and called the hackers bluff…As a result, 32 million adulterers’ personal details were posted publicly online. The details included names, residential addresses, credit card information and sexual preferences. You can even use certain websites to check if your partner was registered on the site! France24 reported that over 1,200 Saudi Arabian people were registered on the website. In Saudi Arabia, adultery can be punished with death. Police forces around the world have also reported that numerous suicides have occurred as a direct result of the Ashley Madison breach. You can now start to see how cyber-attacks can start to have a very real impact on ‘real life’.

Unfortunately, as is often the case for cybercrime victims, it didn’t stop there. Their personal information was now public, so other cyber criminals jumped on the bandwagon and started blackmailing them. One customer was contacted by an anonymous person who said; “How much is your marriage, standing in community and reputation at work worth to you? Your countdown has started”. He was asked to pay £1,000 and if he didn’t, he was going to contact all of his friends, family and work colleagues on social media and expose him.

 

There are hundreds of examples like these and they all demonstrate how out of our hands the security of our personal data is. The scale of corporate data breaches is now occurring at such a rate that just during the time it took you to read this article, 19,280 personal data records have been lost somewhere.

 

What Can We Do To Protect Ourselves?

The unfortunate cold hard fact is this - we must accept that we must entrust our sensitive information with corporations who don’t have the money, skills or resources to sufficiently protect it. As such, we must accept that it is inevitable that at some point our personal information will, through no fault of our own, get into the wrong hands. We therefore need to put a few things in place to be alerted when our data is breached so we can do something about it.

 

1. Have You Been Hacked Already?

The first step is checking if your personal data has already been breached. You can do this by entering your email into our (free) data breach checker tool on our homepage here.

2.Data Breach Monitoring

So you don't have to constantly be manually checking if your data has been hacked or not, you can get someone else (again, for free!) to check on your behalf, automatically, by using a service like www.breachalarm.com.

If you have been hacked, you can immediately take steps to protect yourself from fraud and identity theft, such as changing passwords and implementing two factor authentication.

 

For more information on help recovering from a data breach, ask our experts a question in our community forum here!

Hacked Social Media Recovery Handbook!

Pop your email into the form below and we'll send you the link to your free handbook!

We hate spam and won't send you mindless marketing emails. We share some internet safety tips. You of course can unsubscribe at any time.

Free Protection Checklist!

Pop your email into the form below and we'll send you the link to your internet safety protection checklists!

We hate spam and won't send you mindless marketing emails. We share internet safety tips. You of course can unsubscribe at any time.

Free Cyber Bullying Handbook!

Pop your email into the form below and we'll send you the link to your free handbook!

We hate spam and won't send you mindless marketing emails. We share some internet safety tips occasionally. You of course can unsubscribe at any time.

Free I've Been Hacked Handbook!

Pop your email into the form below and we'll send you the link to your free handbook!

We hate spam and won't send you mindless marketing emails. We share internet safety tips. You of course can unsubscribe at any time.

Top