How safe is your data? Could a criminal have your details?

Identity theft and data breaches

Recently CEX, the used game and electronics company, confirmed it has been the victim of a data breach. Hackers got onto its computer systems and accessed consumer data including first names, surnames, addresses, email addresses and phone numbers.

Even more worryingly, it admitted that "in a small number of instances", customers lost encrypted data from expired credit or debit cards. CEX stressed that it did not have any current card data stored for customers' accounts. However, it is a useful reminder of how vulnerable our details can be, and the steps we need to take to protect ourselves from theft, fraud, and identity theft.

SEE ALSO: Why you shouldn't use public wi-fi for online banking

See also: Ransomware attacks on the rise: could you be a victim?

It's just one of a long line of customer data breaches. In 2017 there have been data breaches from the likes of Debenhams (26,000 Debenhams Flowers' customers), Wonga (250,000 customer records including bank account details, sort codes, addresses, email addresses and more), Three (data of 200,000 customers), and Abta (43,000 people who had complained about travel agents).

Ilia Kolochenko, CEO of web security company, says: "These days, data breaches have become a sad daily routine. They will likely continue their skyrocketing growth, bringing more and more financial and reputational damage both to the victims and breached companies. The core problem is the continuing ramifications of each breach – attackers may use compromised credentials, or other sensitive data, in password reuse and social engineering attacks years after the original breach. And the more breaches that occur, the more successful further attacks become as cyber criminals accumulate a huge amount of data about us."

Protect yourself

The best way to protect yourself is to use strong and unique passwords for each website you log into. It can be difficult to keep track of passwords, so many people use the same ones multiple times. However, if you do this, all the criminals need is to access it once - on the least secure website - and they have access to everything from your email to your bank account.

Kolochenko says it's also sensible to provide as little sensitive, or confidential, information about yourself as reasonable in all your online accounts. That way, if someone does get into your account, there's a limit to how much information they can find out about you.

After a breach

If you have been the victim of a data breach, there are five key steps.

1. Find out exactly what information has been stolen. If it's limited to your name and address, it's annoying, but it's no more than used to be printed in the phone book. However, there are other details that may not seem terribly dangerous, but can be a real pain, These include your date of birth (because it's often used to verify your identity) and email address (which could mean you get far more spam). In the worst cases your credit or debit card details will be leaked, your bank account details, National Insurance number, passwords, or the security code from the back of your credit card. If a combination of these things are stolen, it will leave you wide open to identity theft.

2. However, valuable the data that has been stolen, you'll need to change your password - and anywhere else you used the same password. This is a good time to come up with unique passwords for all these accounts.

3. It's also worth changing your security questions and answers, because otherwise the hackers may simply be able to answer the questions and change your password again.

4. If your financial data has been stolen, contact the financial institutions involved. You may need to get a new card, you may need to change your account, and you may also have an alert placed on your account - to show the account is at risk of fraud and alert the bank to keep alert to the potential risks.

5. Finally, contact the credit reference agencies and ask for a fraud alert to be put on your account. This will alert them to the risk that someone will try to steal your identity, or set up accounts or loans in your name.

Victims of scams and fraud
See Gallery
Victims of scams and fraud
Susan Tollefsen, Britain's oldest first time mother, was scammed out of £160,000 by a fraudster she met on an online dating site. A man claiming to be an Italian gold and diamond dealer told her he was in the middle of a land deal but couldn't access cash. Tollefsen felt sorry for him and started wiring him money, eventually selling her jewellery, her flat and borrowing £32,000 from friends to give him. Read the full story here.
In March 2015 an American woman who was only identified as 'Sarah' went on the popular US television programme the Dr Phil Show to reveal she had sent $1.4 million to a man that she had never met. Although she was certain she wasn't being scammed, her cousin made her go on the programme because she was convinced it was a scam. Find out more about the story here.
Maggie Surridge employed Lee Slocombe to lay a £350 deck in her garden in March 2015. However Slocombe used a combination of lies to scam Surridge out of thousands of pounds. He told Surridge that the front and back walls were dangerous and needed rebuilding and also conned her into building a porch, all for the cost of £8,500. Read the full story here.
It's not just individuals who can be the victims of scams, big corporations can also fall foul of these fraudulent practices. In 2015 Claire Dunleavy repeatedly used a 7p 'reduced' sticker to get significant amounts of money off her shopping at an Asda store in Burslem, ending up with her paying just £15.66 for a shop that should have cost £69.02. Read the full story here.
Sylvia Kneller, 76, was conned out of £200,000 over the space of 56 years thanks to scam mail. The pensioner became addicted to responding to the fraudsters, convinced that she would one day win a fortune. Ms Kneller would receive letters claiming she had won large sums of money but she needed to send processing fees to claim her prize. Learn about the full story here
Leslie Jubb, 103, became Britain's oldest scam victim in August last year when he was conned out of £60,000 after being sent an endless stream of catalogues promising prizes in return for purchasing overpriced goods. The extent of this con was discovered when Mr Jubb temporarily moved into a care home and his family discovered what he had lost. Find out more about this story here
Stephen Cox won more than £100,000 on the National Lottery in 2003 but has been left with nothing after falling victim to two conmen. The 63-year-old was pressured into handing over £60,000 to the men who told him his roof needed fixing. They walked him into banks and building societies persuading him to part with £80,000 of cash while doing no work in return. See the full story here
Last year the Metropolitan Police released CCTV footage of a woman who had £250 stolen at a cash machine in Dagenham. The scam involved two men distracting the woman at the machine, pressing the button for £250 then taking the money and running away. Read about the full story here.
Rebecca Ferguson shot to fame as a runner up on the X-Factor in 2010 but fell victim to a scam artist last year when someone she had believed to be a friend conned her out of £43,000. Rachel Taylor befriended the singer in 2012 and claimed to be a qualified accountant, so Ferguson allowed her to look after her finances. Instead of doing this Taylor stole £43,000 from the Liverpudlian singer. Read more here
When Rebecca Lewis discovered her fiance had started a relationship with a woman he met online she packed her bags to leave. But that didn't stop her checking out the mystery woman, Rebecca quickly realised Paul Rusher's new love was actually part of a romance scam. She told Paul just before he sent the scammers £2,000 which was supposed to bring his new girlfriend to England. Find the full story here.

Read Full Story