In the last 2 years there has been more data recorded than in the previous entire existence of mankind
Data breaches are occurring with frequent abundance but notably recent Big data breaches such as Yahoo with 3 billion user accounts and Equifax the credit reporting agency breach affecting about 143 million customers earlier this year
Once acquired stolen data is typically sold on the Dark Web, which is a vast marketplace for anything and everything illegal. The cost of purchasing information depends on availability i.e massive data breaches flood the market and reduce the cost and the type of information. Full Credit card details including card number, CVV, name etc could vary between $13 ( in equivalent Bitcoin) to $21 depending on the value of the account, online account information can sell for more, from $100 to $1000 for large accounts (according to publicly available information).
Protecting your data:
Manage your account passwords especially your email account, regularly update them. I find the best approach to remembering passwords and one of the most secure and hardest to break are long phrases strung together like “iwouldratherbefishing” or the lyrics from your favourite song …
Avoid opening email attachments and clicking on malicious links. This is the most common entry point for malware entering your computer systems. Social engineering of phishing emails designed to make you click or respond has come a long way. Gone are the days of the obvious to detect poorly constructed and grammatically incorrect phishing emails, more likely than not they will be a near perfect replication of an email you would expect to receive from one of your suppliers like a bank or courier company.
There are software applications like Microsoft Advanced Email Treat protection” that can help protect your staff from clicking on malicious attachments or links”
Don’t visit or use websites that are not secure, look for a padlock that is closed to the left of the URL, this ensures traffic to and from the website is encrypted and the web host has applied an SSL encryption certificate. Websites that are not SSL protected are more likely to get hacked.
Websites that have been hacked with malicious content can infect any visitor to the website in what is known as a “Drive By Attack” where merely visiting a website can be enough to infect your computer systems especially if you are using outdated web browsers or older operating systems. For this reason it is important to ensure your web browser and operating systems are modern, up-to-date and fully patched!
When visiting websites you interact with you should check their sites security policy so you understand what information they are collecting about you and how this information will be used.
Bookmark sites you use for online shopping or frequently use, this is to help prevent you from being tricked to access a socially engineered website that pretends to be something it’s not
Limit your exposure on social networks by tightening up your security settings on these sites. Most social media sites now enable you to define your security according to your personal preferences. Be careful about how much information you post about yourself… like your location “ Hi I’m on holiday overseas for 3 weeks” “just moved into my new flat at 100 OpenHouse Street” or financial information “just won 1st division Lottery retiring tomorrow”
The value of stolen data and the occurrence of massive data breaches isn’t going to disappear, it’s up to the individual and the responsibility of businesses to take steps to protect your data!