7-step guide for you and your family after cyber attacks

By Indelible Data Managing Director Tony Wilson

Your data has been involved in a cyber-attack – now what?

Another day, another high profile hack. I can sympathise with anyone feeling overwhelmed by the sheer amount of cyber-related news at the moment so I’ve created a 7-step guide for you and your family after cyber attacks.

The latest, at the time of writing, is the theft of personal information at the Legal Aid Agency.

Though we may feel we can only sit back and await further instructions after hearing of yet another breach, there are still important things we must do as customers:

  1. Change your passwords. Do this on the affected account and also on any other internet accounts where you may have used the same credentials (ensure every account has a unique password!). Remember that the company suffering the breach may disable their systems, but if the hackers have your credentials, it’s a safe bet that they will be trying them on other government, retail and banking sites.
  2. Activate Multi Factor Authentication. Do this on the affected account, and all other accounts. This may be called 2-step verification on some websites. It means, even if the attackers have your password, they’ll need the secondary method (usually a code generated by your mobile phone) to complete the login process.
  3. Watch out for phishing emails. After a breach, we expect some form of email from the company giving status updates, and this is an ideal time for criminals to masquerade as the company, hoping we follow the link in their email, which may lead to a further compromise of our personal data.
  4. Don’t tell the world you’re a victim. Advertising on social media that your data has been stolen increases your risk of being targeted by criminal gangs that were unrelated to the hack. They now know to contact you, in an attempt to extort you, using information they pretend to have.
  5. Be wary of telephone calls relating to the breach. The criminals may only have fragments of your personal information (such as username, date of birth and phone number), but they can use these to call you and fool you into giving away important account information. Typically the script goes: “Hi, we are from [breached company]. To prove who we are, your username is [your username] and your date of birth is [your date of birth]. We just need to know we are talking to the correct person – could you confirm the memorable information you gave at signup? What was your first school…?” What they are actually doing here is selecting “forgot username and password” on your behalf and getting you to answer the memorable information for them.
  6. Never trust a phone call or email stating your account has been compromised. Contact the company’s customer services department (found on their website) to hear it directly from them. Don’t be afraid to tell the person on the phone that you are doing this. Just take their name, let them know you are contacting the customer services department, check that the breach is real, and say you will ask them to put you back in touch. Any protesting from the person on the phone at this point is a good indication that it is a scam call. But even if they do protest, call the customer services department anyway for peace-of-mind, and also change your password.
  7. Check updates from a trusted source. If it is a high profile breach, visit that company’s website directly (not following links in an email) to get updates and follow any guidance mentioned there. Well known news channels will likely give links to where you can find more information.

You can find more advice and guidance for you and your family on the National Cyber Security Centre’s website.