With the COVID19 pandemic that is currently ongoing, many of us have to work from home in order to stop the virus from spreading even more. Some people miss the office while others love the fact they don't have a commute and love working from the comfort of their homes. Unfortunately, many people who are currently working from home don't pay much attention to cybersecurity which makes them a great target to cyber criminals.
Despite the fact that we are in the middle of a global pandemic, the number of cyber crimes is on the rise. This year, we have already seen some major privacy breaches this year, such as the Video conference service Zoom. Since most meetings had to be held online on the Zoom app, cybercriminals saw this as an opportunity to take advantage. Researches discovered that more than 500,000 hacked Zoom accounts were put for sale on the dark web for a penny. According to experts, the data was gathered by the previosly leaked Zoom credentials and finding those that work because the account owners used the same passwords instead of changing them.
It's been also reported that more tham 2,000 credit card details were stolen from British airline easyJet customers. Their email addresses and travel details have been compromised as well. This cyber attack happened at the beginning of the year. Unfortunately, nothing can be done right now and cyber criminals might be using the leaked data as they want. They might try tricking their victims by mentioning their travel plans.
What can you learn from these privacy breaches?
First, it's important to note that a data breach can happen anytime anywhere. When cyber criminals pick a target, it doesn't matter to them if it's a small locar server or a large global enterprise. Second thing you should be aware of is that compromised companies usually apologize with free credit monitoning. This might seem like a great idea, but it's just gives cybercriminals an opportunity to conduct another cyber attack.
What is a data breach?
A data breach is intentional release of protected data in unsafe environment. Think of a breach as a hole that should not be there such as a tear in a protective wall or a crack in your online security. Unfortunately, this crack can help hackers steal your data such as email address, passwords, birthdate, credit card details, Social Security number, and even your home address.
How can you notice that your data was breached?
The breached company should alert its customers as soon as their data has been compromised. Unfortunately, it's hard to notice any unusual activities and takes a lot of time to notify the customers. So, what can you do to protect yourself? Take a look at your statements and movements of all your accounts at least once a week. Even though this seem like an annoying chore, it will ensure there are no surprises. Also, there are many handy tools that you can find online which can tell you immediately that your email address was compromised.
What can cybercriminals do with stolen data?
Some would say that data is the new oil. When it comes to data breaches, cybercriminals can do many things such as:
In 2018, Europe decided to protect its citizens and marked the biggest global reform on data breach. They incorporated the General Data Protection Regulations (GDPR) which means that all data is protected in the European Union (EU) and the European Economic Area (EEA), no matter where that company is located. Thanks to GDPR, all companies have to maintain high security standards and reveal any breach information within 72 hours of discovery. If a company doesn't follow the rules, they will receive a fine up to 4% of their annual revenue or $24 million.
British Airways didn't follow the rules and received a GDPR fine of £183 million for a data security breach of its customers. As a result, many IT departments around the world are scared of the same fate and decided to invest even more in cybersecurity.
What to do if you become a data breach victim?
First, you should determine what kind of information was breached. If the company that was breached doesn't share all the details, you can search more information from the FTC and take a look what kind of information you have shared with the company.
Second, you should change all your password. It's important to use a unique and different password for each account. If you can't keep track of all your passwords, use a password manager.
If your credit or debit card has been stolen, you should immediately contact your bank, block those cards and ask for new ones. Another thing you can do is to ask for a PIN change. Also, ask the bank to notify you if they notice any unusual purchases, or withdrawals.
If your Social Security has been stolen, cybercriminals have the opportunity to open new accounts in your name. You should immediately contact a credit reporting agency.
In order to protect your data from cybercriminals in the first place, you should invest in an antivirus software. It will protect yourself from all malware, infected links, phishing emails, etc.