View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
October 10, 2017updated 11 Oct 2017 4:51pm

5 steps to take if your personal data has been breached

Data breaches like Talk Talk, Three and Wonga continue to make headlines and shine a light on concerns regarding the protection of private data and personally identifiable information (PII). UK consumers continue to be caught up in the aftermath, but fortunately there are steps you can take to avoid serious ramifications in the event of a cyber-attack. We’ve collated five tips that will help if your personal data gets breached:

By Ellie Burns

Tip #1: Dedicate Time to Your Digital Accounts

Make a list of all the organisations, financial institutions, websites, apps, and other entities that could be at risk because your information has been compromised. Then spend an hour and change your online passwords (see tip #3), and sign up for the credit monitoring service that the breached organisation will most likely offer.

Next, lock your credit rating to mitigate the financial aspects of identity theft. Unless you apply for credit cards and loans every month, contact the three major credit rating companies (Equifax, Experian and Callcredit) and apply a security freeze to your credit history. This will safeguard your information from the possibility of a criminal opening new credit cards or loans against your credit.

Be sure to also remain vigilant over the state of your accounts in the coming months.


Tip #2: Anticipate Cybercriminals Will Impersonate the Breached Brand and Offer “Help”

Organisations that have been breached will often use email and social media posts to contact potential victims. Cybercriminals are sophisticated and savvy and will impersonate the same brands post-breach, knowing customers are expecting communication. Cybercriminals will fake the display names on emails or create fraudulent social media accounts to trick worried victims.

To ensure secure communication don’t click on the link in potentially fraudulent email or social media posts, always call directly or visit the company’s main website to log into your account and immediately change your credentials using a strong, unique password as detailed below.


Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

Tip #3: Play Hard to Get, Regularly Change Your Credentials

We recommend regularly changing your login credentials, using strong passwords that conform to best practices. Never use the same identifier across more than one account. If possible, make your passwords at least 8-15 characters long with mix of upper and lowercase letters, numbers, and symbols. An example is @str0ngpa$$worD.

Be sure to also enable the two-factor authentication option – if available – which sends a unique code to your mobile phone or email for every login. For email in particular, implementing these changes will help you avoid identity theft or fraud and stop attackers from using your legitimate email account to target other victims.

Tip #4: Your Personal Email Account is the Key to Your Kingdom, Guard it Accordingly

If your personal email is compromised by an attacker assuming your identity, it could expose all your contacts to an immediate threat and allow the attacker to reset all of your other account passwords. This includes your banking access, social media accounts, mobile payment settings, phone details, and more. By taking advantage of personal email accounts, hackers exploit the digital trust that exists between the email sender and receiver.

If you suspect your email account has been compromised, immediately change your email password. Then, alert your contacts — remind them to not click, ask them to delete the previous email from you, and update their antivirus and anti-malware software. Finally, if you did click a malicious link or have other reason to believe you were exposed to malicious software, contact an IT professional and have them scan your computer for malware.


Top #5: Beware of Fraudulent Emails, Websites, Texts, and Scam Calls

Don’t click or respond to anything suspicious, as doing so might put you on a cybercriminal’s radar. If an email arrives claiming to be from a known website, type that website’s home page directly into your browser, then navigate in appropriately. Unknown website? Avoid it.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.