The blog shares some data privacy tips for protecting your confidential information in a much better way.
Data breach is a growing concern for both, individuals and business organisations. Disruptions have been caused by data breach all over the world, and its ripple effect can still be felt. Disclosing your personal information like bank details, submitting your information for identification purposes, etc. are some scenarios where our personal information is at stake.
Breach means ‘an act of breaking’ that said, Data breach is an incident of breaking into your personal and valuable information to access your confidential and personal identifiable information like personal health information, PINs, social security numbers, bank details, credit card details, intellectual property, trade secrets, etc.
Data breach is theft of your valuable information
Once breached, your valuable information is compromised and is easily viewed, transmitted or copied for nefarious activities by fraudsters, hackers, and spies. Activities like spear-phishing, accessing not-so-secure websites/payment gateways, carelessness in the handling of smartphones, laptops, opening a suspicious email stating that you have won $1 million (In 2016, Leoni AG lost $44 million in an email scam), etc. make your data vulnerable to online threats.
‘Data leak’, ‘Data spill’ are some other terms of data breach
2017 witnessed some worst cases of data breach and cyber-attacks. Whether it was WannaCry Ransomware, Equifax data breach, hackers obtain all HBO’s social media credentials, continuous attacks on Aadhaar data, theft of 17 million email addresses (Zomato hack), and so on.
Individuals lose their confidential information, but organizations lose more than just information. Their profitability, productivity and reputation are greatly affected, and it raises questions about their credibility as well. Also, the breach may run into millions of organizations.
Data breach that affected India in 2017
- Zomato data breach where 17 million email addresses were stolen
- WannaCry affected 120 computers of Gujarat Government and ten machines of the Tirumala Tirupati Devasthanam Temple
- Jawaharlal Nehru Port, India’s largest port was affected by Petya Ransomware
- Reliance Jio customer data was leaked
What studies say
- 27,000 cybersecurity threats occurred compromising 203.7 million records in the first half of 2017
- 110 million INR is the cost of a data breach in 2017, an increase of 12.3% from the last year
- Zomato hack that resulted in the theft of 7.7 million users’ personal details. It was the 6th biggest data breach case in the Year 2017.
- In October 2017, Seqrite Cyber Intelligence Labs, a unit of BSE-listed Quick Heal Technologies tracked an advertisement on DarkNet announcing secret access to the servers and database dump of over 6000 Indian businesses – ISPs, Government and private organisation. This information was priced at 15 Bitcoins.
- WannaCry ransomware attack affected 120 computers of Gujarat government and 10 computers of Tirumala Tirupati Devasthanam temple
- Fireball adware infected 25.3 million computers
- Petya ransomware cyberattack occurred on around 20 Indian organizations, notable being Jawaharlal Nehru Port Trust (JNPT)
- BSNL malware attack affected 60,000 modems
- A malware infection in systems of Hitachi Payment Services Pvt. Ltd. Affected 3.2 million debit cards in the year 2016. This was largest data breach on India’s banking system.
A study by Stellar Data Recovery reveals that used Hard Disk Drives available on classifieds websites contains high-risk data
Activate your defence
Recent studies show that you are vulnerable to data breaches and cyber criminals or hackers are capable enough to bring down organizations to its knees. Further, hackers can easily target government websites and corporate infrastructure. After the WannaCry attack, Mr. Ravi Shankar Prasad, the Information Technology Minister of India, said that the government is stepping up to counter cyber-attacks while maintaining citizen’s privacy. However, the government is not only obliged to address the issue, but individuals should also implement safe work practices to avoid the menace of this social evil.
To start with, everyone should be aware of data breach and keep oneself abreast of data privacy tips to make sure that information is not compromised. That said, here are some data protection tips to safeguard your information:
It all begins with weak passwords. Usually, a strong password consists of alphabets, numerical and special characters with the combination of both uppercase and lowercase. Further, your password should be 10-15 characters. Also, changing your password frequently and never using the same password for multiple purposes are some good ideas.
Never open suspicious emails
Even if there is a little doubt about the authenticity of emails, avoid opening it irrespective of what it contains. Cross check the sender’s email ID and open the email only after verifying its authenticity. Besides, avoid clicking on links and advertisements sent from unknown senders. You might receive emails from retail corporations or banks asking for your details, delete them immediately.
Browsing secured websites
Make sure that you enter secured websites and not end up entering spoofed sites. Simply put, always browse websites with Hyper Text Transfer Protocol Secure (HTTPS) instead of HyperText Transfer Protocol (HTTP). HTTPS ensures that the website is secure enough for browsing and that your information is safe. It protects data’s integrity and provides confidentiality. HTTPS encryption relies on Secure Sockets Layers (SSL) so that anyone in between the sender and recipient cannot decode the information exchanged.
Avoid public Wi-Fi
Although public Wi-Fi networks provide the great convenience, you must not heavily rely upon it as such connections also bring the security issues. As WPA2 wireless encryption protocol is secure than WEP and WPA, always connect to WPA2. However, most of the public Wi-Fi does not have secure wireless encryption protocol. Further, do not sign into your accounts for long.
Securing your payments
We are going digital, but that doesn’t mean that your valuable information cannot be compromised. For instance, when you purchase things online or dine out at your favourite restaurant, you opt for point-of-sale (POS) transaction. Point-of-sale completes a transaction and includes receipt printing, credit card processing, etc. and store customer data. This eases the online payment ecosystem; however, it also contains weak links which can be exploited. You must validate to ensure that you are swiping your credit card through a safe and secure point-of-sale.
Tip: Make sure that payment provider is Payment Card Industry Security Standards Council (PCI SSC) complaint
Install antivirus and use updated software
Install updated antivirus and anti-spyware software to prevent virus intrusion or malware attack. They protect you against spyware, keyloggers, Trojans, adware, worms, rootkits etc. Furthermore, to eliminate security vulnerabilities, always install latest updates and patch as soon as they are released.
In light of such incidents, the government has set up initiatives to extenuate the growing security threats and is taking more stringent actions as well. As we move towards digital transformation and the new economy, there is still a wide gap in data protection regulations which needs to be bridged. Threats are multiplying and addressing them; we need data protection frameworks to ensure that individuals and various entities are well protected against data breach. Additionally, as a step further, a parliamentary committee has suggested introducing a data protection legislation to ensure the security of confidential information. We have miles to go before these regulations become a reality, as of now, we should practice data protection tips to neutralize data breach.