Personal and company data is information that we want to make sure is safe. However, we are hearing more each day about the massive amounts of global data breaches. Some breaches are targeted toward individual’s personal information, but more often than not, cyber criminals are instead targeting Fortune 500 tier companies to hack user profile information. While this tends to happen no matter how hard we try to prevent it, there are still precautions and reactive best practices to take in order to avoid data breaches and cyber crime.
What is a data breach?
A data breach is a break in security where information is exposed without authorization. This break in security in order to retrieve information happens in a variety of ways. Hackers can break into records to retrieve important data or the information could be accidentally leaked.
In recent news, there have been so many examples of data breaches. However, as more of our personal lives and information move to a digital space, the more likely cyber criminals are going to target companies who harbor this information. According to a study by IBM and Ponemon Institute, the total cost of a data breach has increased to cost a business an average of $3.86 million globally.
Data breaches occur because hackers seek personal information in order to hack into accounts of individuals or companies. By exploiting system vulnerabilities, such as outdated cybersecurity software, or weak passwords, cyber criminals are able to sneak malware onto a computer and steal information.
What are the recent data breaches?
So far in 2019, 4 billion records have reportedly been breached. Here are a few examples of companies that have experienced breaches this year.
Before the Capital One breach, Evite, a free online invitation and website planning website experienced a huge breach. For this breach cyber criminals were able to hack into an inactive data storage file that contained Evite user information from 2013 and earlier. The breach exposed 100 million records, including names, usernames, email addresses, passwords, and even some phone numbers and mailing addresses when provided.
Fortunately, Evite did not collect Social Security numbers, bank account numbers, credit card numbers, or any other financial information, so users did not have to worry about the collection of that data. Evite has since updated its policies, so it is safe to use again.
DoorDash, an app-based food delivery service disclosed a data breach in September that affected 4.9 million people who joined the service before April 5, 2018. User information including names, email addresses, delivery addresses, phone numbers, and passwords were accessed by cyber criminals. For some users, additional information was leaked. This included the last four digits of credit cards, and some divers and merchants also had their bank account numbers exposed. Finally, about 100,000 of driver’s license numbers of the service’s drivers were accessed.
DoorDash recommends that anyone who might be part of this breach to reset your passwords and keep an eye on their payment card statements.
What to do in the event of a data breach?
In the event of a data breach, you might not be able to do anything about cyber criminals having your personal information, but you can be on the lookout for if they are using that information for their own benefit.
- Monitor your bank account and all other financial statements. That way you’ll know if there is any suspicious activity on your accounts.
- Check to see if any new cards or accounts have been set up in your name. Chances are if a cyber criminal tries to use your information for a new account, you may get a notification on your email attached to that credit card as well as being able to spot the transaction fee in your statements.
- Research recovery programs. Some recovery programs are offered by the breached company for users whose information was accessed by hackers. Some companies are taking responsibility and helping those whose information has been compromised by their company’s data breach.
What can I do to prevent a data breach?
To prevent a data breach, make sure that employees – as well as individuals – are enforcing best cybersecurity practices. In order to help protect your information, follow these tips:
- Implement high security software. When working to prevent a data breach, you’re only as good as the security you use to protect your information. So many people think one antivirus software is enough, but that’s not always the case. If you’re a remote employee consider investing in a virtual private network (VPN). VPNs help hide your IP address and important information when connecting to public WiFi or other devices.
- Use secure passwords. While security software helps to hide your computer and protect it from criminals, the software is useless if a criminal gets ahold of password information. Passwords ensure that only those who need access to information can access it, however, if a password is easy to guess or accidentally gets to the wrong person, your data is vulnerable to getting in the wrong hands.
- Secure your phone. Interconnected devices and the Internet of Things has changed the way we can access information through multiple devices sharing one network. Now we can access personal and private employee information from our computers as well as our mobile devices. So to make sure no one can retrieve company or personal information, add a passcode to your device.
While these are a few simple ways to keep your network secure, there are other ways, such as only opening secure emails and URLs and enforcing a two-step authentication system for all your files or networks that need a password. While data breaches are becoming more and more common, there are still ways we can work to keep our information safe from hackers. If you are ever suspicious that you or your company’s information has been accessed, let your company’s IT department know or seek other professional assistance.