Whether you were conned into sharing your details on Facebook, had your bank card cloned or use an online gaming service that was hacked, you need to be proactive about clawing back your privacy and protecting your identity.
This has been the year of the data breach. In March, hackers infiltrated the databases of marketing firm Epsilon and made off with millions of email addresses. In April, 77 million user accounts were compromised in the Sony PlayStation Network hack. And in June, hacker group LulzSec broke into SonyPictures.com and gained access to one million accounts, then posted 50,000 account details online.
Such high-profile breaches are the tip of the iceberg: in fact, data breaches are extremely common. This summer saw accidental leaks of data affecting everyone from London housing tenants to secondary school pupils and hospital patients. While the Information Commissioner’s Office is set to fine those who leak such private data, once your personal information is out there, it’s exposed for good.
The following steps can help reduce the potential damage caused.
You've been hacked: Change your passwords
Create a new password for your account at the affected site. If you used the same login information at another website, change your password there too. We strongly recommend you create easy-to-remember custom passwords for sites you regularly visit. Here's how to create strong passwords.
You've been hacked: Watch out for phishing attempts and malicious email
If your email address is exposed in a data breach, scammers and spammers may try to send you malicious messages. As always, look out for suspicious email. Don’t open attachments you weren’t expecting, even from people you know. And don’t click links in messages. Although they may look legitimate, they could take you to a tainted web page that tries to steal information or infect your PC with malware. If in doubt, run the URL past Web of Trust (this download is for IE).
See also: Web of Trust for Firefox.
You've been hacked: Look for suspicious postal mail
If street addresses were compromised in a hack, cybercriminals may attempt to send you scam messages via Royal Mail. Keep up your guard. Be wary of anything you receive in the mail that asks for money or personal information. If something appears to be from a legitimate business (such as your bank) but you weren’t expecting it, pick up the phone and call that business using a publicly listed phone number (rather than any phone number included in the suspicious letter).
You've been hacked: Update your address details
Moving house and not informing every organisation with which you deal can pose a danger. Having been summonsed for a debt incurred by someone who intercepted our mail and took out a credit card in our name after we’d moved out, we know only too well the wrangles involved in clearing your name. It’s much easier to keep tabs on your financial transactions if the bills are sent to your current home address, too.
You've been hacked: Watch your financial statements
Criminals can also get at your credit-card and bank-account information through a malware infection on your PC, a compromised cash machine or payment terminal, lost or improperly discarded sensitive documents or an unscrupulous employee at a restaurant.
Always keep an eye on your bank balance and credit-card statements. Question any unfamiliar charges. See if your bank or financial institution provides email alerts when someone uses your credit card. You may even want to close your existing accounts and open new ones if you believe your information may have been stolen; contact your financial institution to discuss the best course of action.
You've been hacked: Put a fraud alert on your credit report
A fraud alert tells the major credit agencies that your identity may have been stolen, and that they should be on guard for anything suspicious, such as new credit or bank accounts opened in your name. A fraud alert lasts for 90 days; you can extend it by contacting the credit agencies. Your bank and credit-card companies will be able to provide full details of this process.
You've been hacked: Check your credit report regularly
You’re entitled to a free credit report from Equifax or Experian. Your bank may offer to initiate this. Useful information at Moneysavingexpert.com outlines how to get this information for free and highlights issues that affect your credit rating.
You've been hacked: Use ID theft protection services
Services such as Sentinel (offered by Lloyds TSB) can help you keep tabs on your personal data via monthly credit reports and add extra protective layers to your document security via a registration service. You can claim against ID theft too, but whether such services offer more than a sympathetic ear and a checklist of possible ID threats is a moot point. That said, cleaning up after identity theft can be a time-consuming process, so they can be helpful.
You may not be able to stop data breaches, but you can work to protect yourself. Be vigilant, be on the lookout for anything suspicious at all times, and don’t let your guard down. Finally, it might not be a bad idea to contact your local MP and ask for stronger laws that would force companies to better protect sensitive personal information and notify their customers of breaches sooner.
See also: Security Advisor