15 April 2023
Professional networking giant LinkedIn saw data from around 700 million of its users posted on a dark web forum in June 2021, impacting more than 90% of its user base. And more famously, in April 2019, two datasets from Facebook apps were exposed to the public internet – information related to more than 530 million users, which included phone numbers, account names and Facebook IDs, amongst other information.
Data breaches are one of the most common ways for cybercriminals to obtain personal data, with these often running into the millions. In fact, according to a 2022 report by IBM, the average cost of a data breach has reached $4.35 million.
But why is all this important, you may be wondering? As cybercriminals are becoming more sophisticated and innovative with their attacks, they can utilize personal data in fraudulent ways, including identity theft, financial fraud and cyberstalking, which makes it even more important to take every necessary precaution to protect your data.
Here, we delve deeper into what personal data is and how apps and other entities protect your data, while we cover the steps you should take to protect yourself from any potential breaches.
Personal data is any kind of information that could be used to identify an individual or their lifestyle. Imagine things like your name and address details, your date of birth or other contact information, such as your phone number and email address, as well as your social security number and other sensitive details you wouldn’t typically hand down to people you’re not familiar with. It could also include financial details like banking or credit card information, medical records and online activity tracked by search engines and other websites.
So what happens when you don’t protect your personal data? You risk exposing your privacy, security, reputation and financial well-being. Here are these implications in more detail:
Today, pretty much every business out there uses hordes of information to help them build products and market them to customers and this is why data is worth its virtual weight in gold. Most of this data is completely anonymous and doesn’t contain sensitive information, such as names, addresses or credit card details, however, it’s still useful for things like recommending content of what to watch next on TikTok and YouTube to targeting people with specific ads or products. That’s why modern hackers often target a company’s data instead of going straight for their money. And in many cases, any data they can steal can be sold in huge quantities for more money anyway.
As data has become the new global currency, data security has evolved to keep up. Data encryption, for instance, is one of the biggest defences against theft. This is a bit like codes in old spy movies where the real information, like a phone number, is replaced by a set or many sets of new numbers that only the security system can read. On top of that, if you use several apps, you might have used something called Two-Factor Authentication or 2FA. This is where the app asks you for both a password and an additional code, which is retrieved either via a text message or another app. Two-Factor Authentication works on the idea that it’s much less likely a data thief could get both your password and your phone at the same time.
However, the security of your data depends on several factors, including the type of data, where it is stored and the measures taken by the entity responsible for its protection. Generally speaking, organizations that collect and store sensitive data are responsible for ensuring that it is adequately protected against unauthorized access, theft and other security threats. This includes implementing security controls like encryption, access controls and monitoring, while they use firewalls to protect their servers from unauthorized access.
Also, when you share your data with an organization, it is important to understand their privacy and security policies. Look for businesses that are transparent about their data handling practices and have a good track record for protecting user data.
Protecting your data is a shared responsibility between you and the organizations that collect and store your information. Yet, one crucial thing to remember is that no encryption, 2FA or any other security will stop you from giving away data yourself. Even a simple action like browsing a website generates data about you through the cookies installed in the site itself. If you’re unfamiliar with these, cookies are little bits of software which track where you go on a website and how you use it, while they have the ability to generate almost any kind of data without you ever realising.
Here are some further things to consider.
The first step in securing your devices is to identify potential vulnerabilities, so look for weak spots in your security measures that can leave you susceptible to attacks. Next, prevent cyber threats by installing an antivirus software and making sure that this is kept up-to-date. At the same time, all your devices should be running the latest version of their operating system and all other software and apps should also be up-to-date.
When it comes to mobile devices, enable biometric authentication like facial recognition and fingerprints and ensure that your phone is protected with a strong password. For laptops and desktops, consider using disk encryption to protect important files and data.
Finally, it’s important to be aware of any recent cyber-attacks. For example, the growing trend of remote work has resulted in a rise in phishing attacks to employees’ work emails. Similarly, cryptocurrencies are constantly being targeted by attackers due to their decentralized and easily accessible nature. So keep all this in mind.
For starters, public Wi-Fi networks can be targeted by attackers to intercept and steal sensitive information, so avoid connecting to such a network and if you absolutely must do so, use a virtual private network (VPN) to encrypt your traffic. On the other hand, you must secure your passwords and enable 2FA. Your passwords should be long and complex, and of course, unique to each account.
At the same time, do not open emails, attachments or links from unknown or untrusted sources and be mindful of phishing emails that may appear legitimate, yet are used to steal data or install malware on your device. Always confirm the authenticity of the sender. Meanwhile, be cautious about the information you share online, especially on social media. This means avoid posting personal details like your address, phone number or banking details.
Privacy settings allow you to control who sees your profile, posts and photos and without them, anyone can have access to your information, including personal details. What’s worse, hackers and other malicious individuals can use this information to engage in identity theft or cyber-attacks. And while each social media platform has different privacy settings that you can adjust, here are some fundamental settings on Facebook, Twitter and Instagram you can adjust to protect yourself:
Lastly, remember that research is your best friend. Regardless of whether you’re signing up to a well-known website or an app that has been directly verified by Google or Apple, it always pays to check their data policy so you’ll be fully aware of what type of data they’ll collect and how they’ll use it.
Would you like to find out more about how to protect yourself against online threats? Take a look at what phishing, malware and viruses are and read through these reasons that explain why it’s important to use a password manager.