Data Breaches

​Are you managing a data breach?

✅Yes?  Follow this decision makers​ guidance

​​​

Received a data breach notification from?

✅ An affected organisation

✅ A password manager

✅ A service such as Have I Been Pwned

​​​​​​

​

Data Breaches can contain personally identifiable information such as:

⚠️ Names / Email addresses

⚠️ Home / Mobile phone numbers

⚠️ Physical addresses / Geo-location data / IP addresses

⚠️ Passwords / Security hints

⚠️ Financial data

​

​​​Each breach varies, however, even if a password was encrypted:

❌ Consider it insecure

❌ Update that password everywhere it was used

❌ Never use it again

​​​​​​

​​

If you are a victim of a data breach:

✅ Check where your details have appeared using a tool like Have I Been Pwned and don't forget to register for future notifications

✅ Consider Cifas registration to reduce the risk of becoming a victim of identity fraud

✅ Activate 2-step verification to prevent unlawful account activity

✅ Keep tabs on financial accounts by setting up alerts to notify you of any suspicious activity that might affect your credit score, e.g. Experian, Clearscore, Equifax

​

​​

​​​​​​​​​If you are involved in a data breach, you will highly likely be subject to scam attempts:

⚠️ Received a suspicious email?  Forward to report@phishing.gov.uk

​⚠️ Received a suspicious text message?  Forward to 7726

​⚠️ Received a suspicious call?  Text the word CALL and number to 7726

​⚠️ Someone trying to trick you into handing over money / personal details?  Hang up, call 159 to speak directly with your bank

​​​​​​​

​

Useful Resources:

⚠️ Downloadable guides to help avoid fraud and online crimes

⚠️ Playlist of awareness and training videos

⚠️ If you are high risk individual, consider this cyber security guidance

​​​​

​

Should you be involved in fraud / cyber crime linked to an account suspected of a data breach:

✅ Use the government reporting service to inform the correct person

​​​​​