What is a data breach?
‘Data breach’ is a term many may be familiar with due to the high publicity and increasing quantity that are reported by the media but for anyone who isnt, the term data beach refers to an event where personal data is stolen without the system owners permission. This is often the result of a security-related incident, e.g a hack on a website, servers or infrastructure.
What data is taken in a data breach?
This can vary depending on the site, the purpose of that site and what information the system holds about you. A common data breach will involve users’ emails and passwords and basic data being compromised and taken without permission. A more severe form of data breach will take more sensitive data like credit card, passport and driving license information.
Do data breaches happen often?
Data breaches are still a real problem in 2022 and don’t seem to be on the decline. The start of 2022 has seen a large number of data breaches already in the first two months of the year.
Will a company let me know if I’ve been part of a data breach?
The system/company that has been affected by the data breach has a duty to inform any customers that had their data stolen. Some companies will go as far as to make you take security measures after the breach. For example, the website will make you reset your password the next time you log in. It is quite common for the notifications about breaches to slip through the net and not be specific enough for people to take action. A common example of this is a generic email that companies will send out to say you ‘may’ have been a part of the breach or the email will not say what data has been compromised.
Are there any other ways to know if I need to take action?
There are other ways to know if you have been a part of a breach. As mentioned above a common way is when they are reported in the news. After you have received notification of a data breach its important to take action to protect yourself from the effects. This can include changing your password to your accounts and monitoring your banking transactions and activity.
However, the best way to be notified is to use a service that automatically notifies you if you have appeared in a breach. Haveibeenpwned.com is a popular service that fulfils this role. The concept is simple but the benefits are powerful. You visit the domain and enter your email address and the site will be able to tell you if you have been part of breaches, what breaches you were found in, what data was in the breach and when that occurred. The website goes further and allows you to sign up for alerts to your email as soon as you are discovered in a breach. This gives you the best chance to take action following a breach.
This post is for information purposes and Capsule has not had a data breach. To find out more about how we keep the websites we host secure and safe see our other post on how we keep your website safe or get in touch with us.