Nottinghamshire Police’s cyber crime team are highlighting four simple ways customers can protect themselves following a series of high-profile data breaches.
Hackers have targeted organisations by stealing customer data and demanding a ransom payment to prevent the information being sold on the dark web.
This can often lead to targeted crime such as identity theft, phishing emails and people’s online accounts being hacked.
Ticketmaster, a subsidiary of Live Nation, recently confirmed a significant data breach, with hackers claiming it had stolen the personal details of 560 million customers – including names, addresses, phone numbers and partial credit card details.
Santander also confirmed it had data from an estimated 30 million customers stolen which was being sold by the same hacking group as the Ticketmaster hackers, although it added that UK customer data was not affected or lost in the hack.
With cyber attacks on the rise, Kirsty Jackson, Cyber Protect Officer for Nottinghamshire Police, urged people to follow the below guidance to protect themselves from cyber criminals.
She said: “Sensitive information that could wind up in the hands of criminals or on the dark web after a data breach includes your name, email address, date of birth and mailing addresses.
“In some instances, passwords and passcodes can also be stolen – but the good news is there are a number of ways you can reduce the impact of a data breach.”
These are the four simple steps Kirsty is encouraging people to follow in order to protect their information.
1. Use strong passwords and don’t use the same passwords across all your accounts
Kirsty said: “The stronger your password, the harder it is for hackers to guess what it is.
“Use three random words and a mix of upper and lower-case characters, along with numbers and symbols, to make the password more secure. For example, Read421-Plants-!Treasure.
“In some instances, passwords and passcodes can be stolen when hackers target an organisation – so it is really important you do not use the same password across all your online accounts. If the password is the same or similar, hackers will be able to target all of your online accounts.
“Keeping passwords separate across different accounts can be hard to remember, so consider using a password manager app. Every smart phone has one, you can find this by searching ‘passwords’ within your settings or you can download an external one. Password managers are encrypted and are used to store passwords, so you don’t have to worry about remembering them.”
2. Enable 2-step-verification (2SV)
Kirsty said: “2SV adds an extra security step when you log into online services, to double-check that it really is you logging in and not a hacker. A common method of 2SV is to receive a code that you add separately once you’ve entered your password.
"Some online services, such as banking, may already have 2SV switched on. But most don’t, so you will need to switch it on yourself to give extra protection. The option to switch on 2SV is usually in the security settings of your account, which most online accounts now have available.
"It’s like adding an extra bolt or lock to your front door and is a must have to protect any online account you have.”
3. Check if you have been involved in a data breach
Kirsty said: “You can check to see if you have been involved in a data breach by visiting www.haveibeenpwned.com. This will tell you if your email address has been involved in any known data breaches you are not aware of and you can also sign-up to the ‘Notify me’ service to receive alerts for any future breaches.
“Receiving alerts will allow you to change affected passwords to any breached accounts. There is no need to respond to the alert itself, just head directly to the app or website to change your password to protect your account.”
4. Use different email addresses for key online accounts
Kirsty said: “While email can be a convenient way to communicate between friends, family and work, it can be a nightmare if you get hacked. Not only is it a hassle, but you can also fall victim to fraud.
“It’s therefore a good idea to consider using different email accounts for different purposes such as work, confidential/personal, online shopping etc. This reduces the risk as online shopping will be used across the internet much more than your confidential one, which is how you lower the risk to your most important accounts and data and this method can also help you figure out what precisely may have fallen into the wrong hands if one of them is hacked.”
