2017 – the year of the data breach?

If someone was to ask you what 2017 was the year of, what would you say?

For us, something we’ve noticed over the year is that reports of data breaches have been appearing much more regularly.

Did you know? More personal data was lost or stolen in the first half of 2017 than the whole of last year 1. And as the number of attacks seem to be on the increase, so does the cleverness of the cyber criminals carrying them out.

2017 – A timeline of UK data breaches

Playstation: February 2017

In February we learnt that hackers had got their hands on 2.5 million Playstation and Xbox players’ details. The information was stolen from gamers’ forums back in 2015 and it’s thought they took people’s email addresses, passwords and details of IP addresses.

The AA: April 2017

A security breakdown at the AA left customers’ email addresses, names and parts of payment card details exposed in April. The breach is believed to have affected customers who had shopped online at AA.com.

The NHS: May 2017

In May the NHS fell victim to a huge global ransomware attack, which compromised the medical records of 26 million patients across the UK.

CEX: August 2017

In August the second hand electronic retailer suffered an enormous data breach, which is thought to have affected up to 2 million customers. Personal information, including names and addresses, were thought to have been stolen, as well as some expired credit and debit card details.

Uber: November 2017

Just weeks ago we learnt of the enormous data breach Uber tried to cover up. The breach itself happened last year and compromised personal details of over 57 million customers and drivers worldwide. It’s thought that 2.7 million customers in the UK have been affected. 2

Would you know if your details have been stolen?

At the minute, if a company suffers from a serious breach they are expected to let the Information Commissioner’s Office (ICO) know but they can choose whether to inform their customers. Which means, unfortunately, we could have had our details stolen and not know about it.

The introduction of the General Data Protection Regulation (GDPR) in May next year will give more control over this, as under the new law companies who conceal serious breaches from their customers can receive huge fines.

What can you do to protect yourself?

Keep watch

Once fraudsters have enough of your details they can start opening financial accounts in your name and make transactions without you knowing, which could have devastating effects on your financial health.

By regularly keeping a check of your credit report you’re more likely to notice anything suspicious and be able to stop it before things get out of hand.

Be password smart

Whilst there’s nothing out there that could be 100% secure, there are ways in which you can make your passwords strong.

Use different passwords for different accounts and try to use a mix of random words with a mixture of numbers.

Keep your software up to date

When you’re notified of updates required on your devices, download them there and then, don’t delay. By doing so, your security features will always be up to date, meaning it would be much harder for fraudsters to access your devices.

For more advice around identity theft and keeping safe, visit our dedicated Security area on our blog.

1 Statistic taken from: http://breachlevelindex.com/assets/Breach-Level-Index-Report-H1-2017-Gemalto.pdf

2 Taken from The Guardian: https://www.theguardian.com/technology/2017/nov/29/uber-security-breach-london-sadiq-khan-users