Cybersecurity experts have urged the public to look out for suspicious emails and to change their passwords as part of new guidance on how to respond to data being exposed in a cyberattack.
The National Cyber Security Centre (NCSC) said it had drawn up the advice after 46% of UK businesses reported a breach or attack in the last year.
Published to coincide with Data Privacy Day, the guidance lays out how to respond when a data breach compromises personal information such as email addresses – for example, encouraging people to be alert to suspicious messages which talk about resetting their password or receiving compensation.
The guidance also calls on people to check their online accounts for any unauthorised activity and to contact their bank immediately if they fall victim to online fraud, as well as report it as a crime to Action Fraud.
This #DataPrivacyDay, why not take a look at our new data breach guidance to protect against the impact of having valuable data stolen by cyber criminals https://t.co/epHCUBeaKV#PrivacyAwarepic.twitter.com/MOvpTm7yJ5
— NCSC UK (@NCSC) January 28, 2021
Sarah Lyons, NCSC deputy director for economy and society, said: “With so many aspects of our lives now managed online, people understandably want to know that their personal data is secure.
“Data breaches against organisations might seem like distant events, but they can have real-world consequences to individuals.
“I encourage everyone to follow the steps in our ‘Data Breaches: Guidance for Individuals and Families’ to help you stay secure online.”
The latest tips follow the NCSC’s ongoing Cyber Aware campaign, which aims to encourage the public and small businesses to adopt six behaviours to protect their online accounts and devices.
The centre says following these practices would prevent the vast majority of cyberattacks.
The tips encourage people to use a strong and separate password for their email account and to base that password on three random words.
It also says people should save passwords in their browser and turn on two-factor authentication, as well as regularly updating their devices and apps and backing up personal data.