Pro-active efforts to ensure cyber security after data breaches and cyber-attacks increase
It seems like every time you pick up a newspaper these days there is another article reporting a data breach or cyber-attack affecting millions of consumers. In the year to date, Marriott reported that the personal data of circa 500 million guests had been compromised from their reservation database.
British Airways confirmed that 565,000 people had been targeted by hackers that had stolen their credit card details. HSBC announced a serious breach in its US retail business as fraudsters gained access to customers’ account details, statement histories and other personal information. Equifax, Tesco Bank, Facebook, Yahoo, Cathay Pacific and TSB are also among many other names that have experienced data breaches in recent times. Huge data losses are becoming all too familiar and it is now recognised that the sophistication of cyber-attacks is increasing such that companies must ensure that their cyber security practices are robust.
New data privacy rules became enforced in 2018 under General Data Protection Regulation (GDPR). These new rules require firms to report certain personal data breaches within 72 hours once known. Should firms not do so, then fines could be the higher of either €20m or 4% of annual global turnover. This is a significant change to prior legislation which capped the maximum fine at £500,000 – a fine levied to Facebook following the abuse of its data for political purposes.
These new regulations have increased the awareness of the public for data security, but many still feel the UK is not resilient enough to cyber-attacks. A joint committee on the UK’s national security strategy criticised the government for failing to act with enough urgency to the growing cyber threat that could impact critical infrastructure such as hospitals, transport networks and energy plants.
Often some simple steps can be followed to enhance your security online, particularly for banking purposes too. First, we recommend that you regularly change your password. Passwords should be a minimum of eight (8) characters, feature lower case and upper case letters, include a least one number and for best practice, include a symbol (e.g. $, £, !, %, etc).
Second, make sure you stay safe to spoof emails that encourage you to click a link to a fake website where fraudsters steal your details. Instead, only open accounts from email addresses that you recognise and do not click on links sent for your banking via email. Should you have any queries, contact your bank directly or load their website independent to the email. Finally, avoid using public Wi-Fi networks for accessing your banking through mobile or internet-based banking. Connect instead through private internet connections that are password protected.
Should you at any point feel that your passwords or secure information has been compromised, we recommend you call your bank immediately. You should change your password immediately should you feel it has been accessed and make sure to keep a regular check of the transactions on your accounts, flagging any that you do not recognise.