We are only 2 months in to 2014 and there have already been a significant number of major news stories about data theft and online security so I thought Iâ€™d round some up and give some tips that will help you to stay safe.
- February 25thÂ 2014, cyber security company Hold Security LLC said that it had uncovered 360 million sets of customer account data available for sale through cyber black-markets. These are new discoveries and represent a fresh risk to security.
Typical data includes email addresses, user names and passwords.
Hold Security LLC believe that these thefts are yet to be publically reported by the organisations who were hacked.
- February 14thÂ 2014 Tesco announce that the details of more than 2,200 Club Card accounts were published on the internet and a number of Club Card points had been stolen.
Itâ€™s important to understand that Tesco has not been hacked. Rather, criminals purchasing data related to other security leaks will simply run email address and passwords combinations against websites such as Tescoâ€™s Club Card site to see which of them work. A small number obviously do and have permitted unauthorised access to user accounts.
- February 14thÂ 2014 Barclays announce the theft of 25,000 customer files, including sensitive information such as passport and National Insurance numbers as well as account data.
How do we know? Well, a number of companies have looked at stolen data and itâ€™s been revealed that the No.1 password in use during 2013 was â€œ123456â€. The No.2 password was â€œpasswordâ€, No.3 â€œ12345678â€, No.4 â€œQwertyâ€ and No.5 â€œabc123â€
So how do you minimise the risk to yourself.
Well, itâ€™s really easy â€“ you just need to use a different password for every different website and account that you have. I know the message is old but itâ€™s becoming increasingly clear that the message is not getting across and people are getting hit.
Of course, itâ€™s challenging to remember the tens or hundreds of passwords that we use on a daily/weekly basis so you need a tool to make the task easier.
The two most popular approaches are either to use a Password Vault â€“ a piece of software that runs on your computer/phone/tablet which securely stores all your vital information and, in some cases, can be used to produce a really strong password every time you need one or you could use a â€œSeedâ€ word or phrase that you amend every time you need a new password.
For a seed you could think of a line from your favourite song, perhaps the first line of Bridge Over Troubled Water â€“ â€œWhen youâ€™re weary, feeling smallâ€ for example. Take the first letter from each word â€“ Wywfs and substitute a letter with a number, 5 for s for example, so your seed is Wywf5.
Now letâ€™s image that you want a password for Tesco, take â€œTescoâ€, substitute numbers for lettersÂ â€“ T3sc0, split it and add the letters to be beginning and end of your seed, Â T3Wywfs5c0. Now have a password that will take 6 years for an average PC to crack. Add a symbol, such as â€œ!â€ to the end, T3Wywfs5c0! and it will take 4 million years for the average desktop PC to crack.
Thatâ€™s your personal security dealt with. If you are worried about security for your business, I can help there too. To learn more please give me a call on 01793 238020 or emailÂ firstname.lastname@example.orgÂ to start the ball rolling.
Â PS. Just make sure that you have a remote wipe utility installed on your phone/tablet so that you can remotely erase the data should your phone be lost or stolen.