By Corien Vermaak, Cyber Security Specialist, Cisco South Africa
Recently we have seen an increase in cyber-attacks, both locally and globally. People are becoming more aware of the impact of data breaches. Yes, we all feel at risk, and with several companies breached being close to home, I have been asked many times what to do if you suspect your data was breached during one of the recent significant data breaches.
This article will attempt to give a few practical steps to manage risk when it comes to data breaches. In 2017 we saw the Master deeds breach – one of the most significant breaches which affected many South Africans. The Master deeds breach contained 27GB file called “masterdeeds.sql” which was a MySQL database backup file. This file included, among other information, 2.2 million email addresses of South African citizens.
Most recently, City of Johannesburg disclosed that they suffered a catastrophic ransomware attack which was far-reaching. According to the press statement issued by the City, the ransom notes read: “We also compromised all passwords and sensitive data such as finance and personal population information”.
According to the Identity Theft Resource Center, three data breaches happen every day, and over 4 million records have been lost in breaches globally in 2019. One of the critical issues is that we entrust our data to organisations, and this leaves us at risk if they do not take adequate security measures to ensure our data is protected. The question many people ask in the wake of such breaches is: what do I do now?
The first action is to determine, with near certainty, if you have been affected by the breach in question. Some websites are helpful in this regard, and I always advise clients to check the site haveibeenpwned. This site is an excellent resource for most of the significant and/or international breaches. However, in most cases, you will know by simple means of deductive reasoning. If you had a reason for doing business with the City of Johannesburg, for example, you may reasonably assume that your data has been affected. If it is possible to determine what data was affected, it is a good idea to try to determine what information the hackers have access to. However, this is not always plausible, and most organisations do not fully disclose the extent of the data breach.
Finally, it is advised that you inform your bank or financial service provider that your data was breached. I also recommend clients to check their banking statements regularly to ensure that no suspicious transactions are made. If you suspect that your credit card information was violated during the data breach, it is sensible to cancel the card and request a reissue to ensure data like CVV numbers are rendered useless.
Lastly, on the front of financial matters, it is imperative that you monitor your credit record. The reason for this is that stolen identities are used to get access to credit and loans. If you watch your credit record, this will enable you to become aware if the stolen personal data is monetised.
In summary, when you find out that you may be affected by a data breach, it’s a good start to try to determine if you are affected; however, this is not always possible. Immediately take action on changing affected passwords and finally, inform your bank and keep your finger on your credit record.