Recent high-profile data leaks, including incidents involving Santander and Ticketmaster, have highlighted the ongoing issue of data breaches affecting a wide array of industries, from banking and logistics to online stores and entertainment.
While companies typically take steps to protect their affected clients, individuals can also enhance their digital security. Kaspersky experts offer advice on what to do if your data has been leaked.
Data leaks often involve logins, passwords, addresses, and phone numbers. In some cases, they may include passport details and bank card information. While any data leak is concerning, it’s crucial not to panic. Instead, pause and consider the necessary steps to secure your information.
Data Leak? Immediate Actions to Take
1. Change Compromised Account Details: If you suspect your account details have been compromised, immediately change your password and enable two-factor authentication. If cybercriminals have already accessed your account, contact technical support to restore access and determine what other information might have been compromised.
2. Address and Phone Number Leaks: If sensitive data such as your address or phone number is leaked, it is usually not critical but still concerning. A leaked address typically doesn’t pose a threat unless it leads to targeted attacks like stalking. In such rare cases, contact the police promptly. For a leaked phone number, ensure accounts using that number as a login have two-factor authentication, change your password, and remain vigilant for potential fraud calls.
2. Passport or ID Leaks: If your passport or ID details become leaked, stay alert for potential social engineering attacks. Scammers might use your passport details to appear more credible. However, there is usually no need to obtain a new document.
Using leaked passport data for fraud, such as taking out a loan, requires additional personal information and substantial criminal expertise. To mitigate future risks, avoid giving away your passport details unnecessarily—they are primarily needed for banking and e-government apps, and occasionally logistics services.
3. Bank Card Details: Act promptly if your bank card details are leaked: monitor bank notifications, reissue the card, and change your bank app or website password. Enable two-factor authentication and other verification methods. Some banks allow setting spending limits for added protection. If account and balance details are leaked, be extra vigilant against phishing emails, SMS, and calls. Cybercriminals might target you based on this information. In unclear situations, contact your bank directly.
4. Organizational Security Measures: Various types of leaked employee data can be used for OSINT (open-source intelligence) to further access internal systems. To counter these threats, organizations are advised to use advanced security solutions, implement strong cybersecurity policies, and conduct employee training.
5. Educating and Protecting Against Social Engineering: Amin Hasbini, Director of META Research Center Global Research and Analysis Team (GReAT) at Kaspersky, emphasizes the importance of being aware of data leakage risks and avoiding oversharing. He advises educating relatives, especially children and the elderly, about the dangers of social engineering attacks.
“A crucial thing also is to educate your relatives, especially kids and elderly people. For example, explain that if someone refers to personal information, such as full name and even passport details, by telephone, messengers, social networks or e-mail, it’s not necessarily the bank or social service representatives, but might be scammers. In personal issues it’s advised to have a code word or question that only relatives know, while with organizations if some actions are required it’s better to use official contact information for double checking”, says Amin Hasbini, Director of META Research Center Global Research and Analysis Team (GReAT), at Kaspersky.
As data breaches continue to affect various industries, individuals need to take proactive steps to secure their personal information. By following these experts’ advice, you can mitigate the risks associated with data leaks and protect yourself from potential cyber threats.
