Emerging Threats

Personal information of 143 million people may have been exposed in latest data breach


Authored by a Symantec employee

 

Equifax has recently announced that cybercriminals exploited a vulnerability in their website, allowing them to gain access to certain files. The data breach appears to have taken place from mid-May through July 2017. The company discovered the unauthorized access on July 29 of this year. Cybercriminals stole names, birth dates, addresses and other sensitive information. In some cases, driver's license numbers and even, credit card numbers were accessed. During the company’s investigation of this breach, it was also found that there was access to some personal information for some UK residents.

How do you know if you have been involved in a data breach?

Usually, data breaches are disclosed via a company’s press release, which reaches news outlets in no time. If you hear about a breach involving an institution you do business with, contact the organization in question to check whether your data has been compromised. You can visit the organization’s website to see if there is a statement about the breach with any instructions about what to do next, or you can call the company’s customer service phone number.

Protecting yourself in the event of a data breach

You may not know if you have been affected by a breach, so your best action is to be proactive. You can use the tips below to stay ahead of the bad guys and know what to look out for.

  • Routinely monitor all your financial accounts for suspicious activities, such as transactions you did not make. If your institution offers account activity alerts via text or email, sign up for them.
  • Cybercriminals can now use this data to access other online accounts you may have via password reset questions. These questions usually ask you personal information about yourself such as a parent’s maiden name, previous addresses and other details. If you have used any of this data in those security questions, you should change those questions immediately.
  • Be very wary of any email purporting to relate to the breach - there is often a surge in phishing attempts related to high-profile breaches.
  • Exercise caution with websites offering to check if someone’s details are included in the breach. Unscrupulous operators could use the submitted details to identify people who are worried about the breach and target them with extortion attempts. Use free tools, such as Norton Safe Web, to check on the reputation of the site.
  • Do not pay anyone offering to remove personal details from the leaked data, since this cannot be done. This information is already in the public domain and multiple copies exist.

In general, there are several important steps you can take to protect your data, here are a few key best practices:

  • Use strong passwords: This cannot be emphasised enough. Use strong and unique passwords for your accounts and devices, and update them on a regular basis—ideally every three months. Never use the same password for multiple accounts.
  • Exercise security savvy: Passwords are the keys to your kingdom. Use password management software to create strong, unique passwords for each site you visit and keep your devices - including smartphones - updated with the latest security software.
  • Be vigilant: Review bank and credit card statements for irregularities, be cautious when handling unsolicited or unexpected emails and be wary of online offers that seem too good to be true - they usually are.
  • Know who you work with: Familiarise yourself with policies from retailers and online services that may request your banking or personal information and ensure you understand how they will use your data. As a best practice, visit the company's official website directly (as opposed to clicking on an emailed link) if you must share sensitive information.

These are just a few of the precautions you can take to help protect against identity theft. Keeping yourself aware of all the threats that can affect you is the first step towards a digitally safe life. When it comes to keeping the personal information on your laptop, PC, smartphone or tablet safe, consider using trusted protection like Norton Security to defend against viruses, spyware, malware and other online threats while safeguarding your identity and online transactions.

Copyright © 2019 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, the Checkmark Logo, Norton, Norton by Symantec, LifeLock, and the LockMan Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Google Chrome and Android are trademarks of Google, LLC. Mac, iPhone and iPad are trademarks of Apple Inc. Microsoft and the Windows logo are trademarks of Microsoft Corporation in the United States and/or other countries. The Android robot is reproduced and/or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other company names and product names are registered trademarks or trademarks of each company.