Everything you need to know about a data breach
Every now and then you hear a familiar headline: A company suffered a data breach and now millions of customers’ details are exposed.
We give companies a lot of information about ourselves – addresses, financial details – and place a lot of trust in them to keep it safe. It’s always unfortunate when a business that’s come to be a part of your daily life suffers a cybersecurity incident, but it’s an unavoidable reality in this day and age.
There’s still a lot of confusion that surrounds data breaches – namely, what they are and how they affect people. Once you have a good understanding of that, you can look to implement some best practices to keep your personal data a little bit safer.
What is a data breach?
A data breach takes place when a cybercriminal or unauthorised user breaks into a company’s internal network and gains access to the areas where customers’ information is stored. While they may or may not take that information, simply having access to it is reason enough to believe that all the information has been compromised.
Information that’s commonly targeted during a data breach includes:
- Email addresses
- Physical addresses
- Full names
- Credit cards and debit cards
- Government-issued information (like the National Insurance Number in the UK)
- Answers to recovery questions
- Purchasing habits
All of this information can either be used by the cybercriminals in future attacks or sold on the Dark Web. Email addresses and passwords, for instance, can be used as fodder for credential stuffing attacks. It’s a type of cybercrime where someone uses software to run through thousands of email and password combinations in minutes, hoping to gain access to someone’s account.
New regulations like the General Data Protection Regulation (GDPR) are being put in place to hold companies more accountable for how they handle customers’ personal data. While brands with household names put millions into their cybersecurity, start-ups and smaller businesses often lack the funding to do so and can be prime targets for cybercriminals.
How can a data breach affect you?
Victims of data breaches are almost always removed from the cybercrime, so it can feel like nothing really happened in the first place. But data breaches are a big deal because of how they can affect those who had their information exposed.
In the scenario of a data breach, not only did the company that suffers one break consumers’ trust, but they’ve also failed to keep their pledge to protect the information that they collect. Cybercriminals now may have enough personal details to take out loans in other peoples’ names, make large purchases and generally impersonate victims who did nothing wrong.
Many people tend to use the same password across all of their accounts, despite the fact that it’s not a very good idea. If a cybercriminal were to learn that password in a data breach, they could then have access to all of the victim’s accounts that use it. Considering that many companies don’t immediately announce a data breach – though, this is changing with GDPR – a cybercriminal could gain access to multiple accounts before a victim even realises it.
The good news is that when a data breach is announced, companies often offer a remediation package for those who were involved.
How to protect your data online
Cybercrime has evolved and data breaches are a great example as to how. While you can’t stop a company from suffering a data breach, you can improve the way you protect your data so that you can limit your exposure. Adopting best practices and using solutions like Norton 360 helps protect against cyberthreats.
When it comes to protecting your information, here are a few tips that’ll help:
- Be careful who you give your information to. While you can’t get away from giving your details to your phone company or favourite retailer, really think about whether you want that new e-commerce website or news outlet you’ll never visit again to have your email address and financial details. Larger companies have better cybersecurity, while many smaller companies simply don’t have the resources to protect your data.
- Create different passwords for all of your accounts. It might be easier to use the same password for all of your accounts, but if one of those companies is breached then all of your accounts are compromised. Use a password manager like the one included in Norton 360 to keep track of all your account details and make it more difficult for cybercriminals to access them.
- Install antivirus software. Companies aren’t the only ones who can leak personal information to cybercriminals. If your computer gets a virus or malware, you could be responsible for giving up your personal and financial information. Use antivirus software to help protect against cyberthreats.
- Use a VPN online. If you’re giving personal information to companies when you’re online banking or shopping on a public Wi-Fi connection, you could be handing it over to cybercriminals at the same time. They can compromise public Wi-Fi to steal information that’s transmitted over it. Use a VPN to encrypt your data and traffic.
While data breaches are a company’s responsibility to prevent, users can also take steps to protect their data. Using a single solution like Norton 360 can go a long way in helping to protect against cyberthreats.
Editorial note: Our articles provide educational information for you. NortonLifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.