We all use the internet for shopping, banking, work, and keeping in touch with friends. But with so much of our personal information floating around online, it’s important to understand how to protect it. This article talks about smart ways to keep your data secure. Let’s start by looking at what happens when your data is compromised in a breach.
What is a data breach?
A data breach happens when someone gets unauthorised access to private information, like usernames, email addresses, passwords, or even bank details. Sometimes this happens because a company’s systems are hacked, allowing attackers to steal data, usually for financial gain. Companies familiar to us such as Yahoo, Facebook, LinkedIn have been victims of data breaches with millions of user records being exposed. The Yahoo breach alone exposed over 3 billion accounts!
Where does stolen data go?
Once criminals get hold of personal data, it doesn’t just disappear. In fact, it often gets sold on the dark web, which is a hidden part of the internet. Your data could be passed from one criminal to another, with things like passwords, bank card details, and even health information being bought and sold.
What do criminals do with it?
Stolen data facilitates a whole range of cyber crimes. Criminals might:
- Use your bank details to commit financial fraud.
- Take over your social accounts to scam your friends.
- Launch “social engineering” scams, where they use your info to trick you into revealing more information about yourself.
This is why keeping your accounts secure really matters. It is not just about protecting yourself, but also those around you.
How to lock down your personal accounts
Here are smart ways to stay one step ahead of attackers:
Strong password policies
Weak or reused passwords are one of the easiest ways hackers get in. Here’s how to make yours stronger:
- Use long passwords (12+ characters) with a mix of letters, numbers, and symbols. Think of a phrase or mix of random words that only you will remember.
- Avoid including personal information within it, like your birthday or your pets’ names.
- Never reuse passwords. If one site is breached, criminals will try the same password everywhere else.
- Consider using a password manager. These apps generate and store strong, unique passwords for you so you don’t need to remember them all.
Multi-Factor Authentication (MFA)
MFA adds a second layer of protection. Instead of just a password, you’ll also need to approve a login through something you own.
But here’s the catch: receiving codes by text message isn’t the safest option. Attackers can use a technique called SIM swapping, where they trick your mobile provider into transferring your number to a SIM card they control. Once they have your number, they can intercept your text codes. This exact method was used in high-profile hacks of X (formerly Twitter) accounts.
The safer option? Use an authenticator app, like Google Authenticator or Microsoft Authenticator. These apps generate codes directly on your phone, making them far more secure than text messages.
Keep devices updated
Software updates aren’t just for new emojis or bug fixes. They patch security flaws that hackers exploit. Turn on automatic updates for your phone, laptop, and apps to stay protected without even thinking about it.
Stay alert to phishing
Phishing is when scammers send fake emails, texts, or DMs designed to trick you into clicking a link or handing over details. To lower your risk:
- Avoid signing up to random websites, competitions, or ‘free trials’ with your main email. This will often end up with your email on a spam list.
- Use a temporary email generator (like 10MinuteMail or temp-mail) for one-off sign-ups you don’t trust.
- Always double-check links before clicking. Hover over them to see where they really lead.
In the next edition, we’ll dive deeper into different types of phishing, including how to recognise them, the tricks scammers use, and the red flags you should always look out for.
