Most of us tend to undervalue our personal information. It’s amazing how readily we entrust it to people we don’t even know. Most of us do it. 20% off an item of clothing, $100 cash back on electrical items, some other offer you can’t refuse. Just create an account, enter your email address, home address, date of birth, phone number, credit card details and your done. There are probably more than 100 online accounts each with a piece of valuable information about you.
Most online businesses have good intentions. They just want to email you their latest offers, make it easier for you to shop in their online store, or post you a voucher to get you into one of their shops. And we all love a bargain, so we agree to the terms and conditions and sign up. But if this weeks’ events at Cathay Pacific teach us anything, it’s that reputable companies with good intentions are still susceptible to a breach.
So what happens when one of these businesses has a breach? Well, it’s fair to assume that your personal information is no longer private and in the hands of cyber criminals. And while there’s little you can do about it now, other than cancelling your credit card, here are some steps you can take to limit the impact of a breach on your personal information.
Use a password manager
Cyber criminals want your email address and password because many of us tend to use the same ones to log into multiple online accounts. You may not be too concerned (or aware) that a small online store has had a breach because you didn’t provide your contact details or credit card number, but your password can potentially be used to log in to your email, online banking or other online services if you tend to use the same one in multiple locations.
While it’s not possible for us to remember 100 different passwords, you might want to consider using an online password manager. With a password manager, you can generate a random password for every online account you create. You don’t need to remember it. Just retrieve it from your password manager as required.
If one of your online services is ever breached, at least you can rest assured that the password use used for that account can’t be used to log into another.
Don’t provide unnecessary information
Just because you’re asked for information it doesn’t mean you have to provide it. Information such as your date of birth, address and phone number are sometimes used to verify your identity, and there’s no reason why this would be required when subscribing to a mailing list, for example. So if it’s not required, keep it to yourself.
Only provide personal information to a reputable company
Delete old accounts
If you’re getting emailed weekly by an online store because you ordered from them once about 10 years ago, then consider deleting your account. There’s no need for them to hold your personal information any longer and you can always sign up again if you need to.
Domenic has consulted to Australian businesses of all sizes for over 20 years, delivering end-to-end IT solutions. He has expertise in Information Security, Remote Access and Desktop Management, in addition to traditional cloud and on-premises infrastructure solutions.