Data Breach Guidance
You may find out you are involved in a data breach through a notification from:
✅ An affected organisation
✅ A password manager
✅ A service such as Have I Been Pwned
Data Breaches may contain personally identifiable information such as:
⚠️ Names
⚠️ Home or mobile phone numbers
⚠️ Email addresses
⚠️ Physical addresses, geo-location data, and IP addresses
⚠️ Passwords and security hints
⚠️ Financial data
Information in each breach varies, however, it is important to note that even if a password was encrypted, once involved:
❌ Consider it insecure
❌ Update that password everywhere it was used
❌ Never use it again
Things to consider:
✅ Guidance for business owners responding to a data breach
✅ Guidance for victims of a data breach
✅ Check if your details have appeared in any other public data breaches, there are a number of online tools that you can use, such as Have I Been Pwned. Don't forget to register for future notifications
✅ Consider registering with Cifas, to reduce the risk of becoming a victim of identity fraud
✅ Activate 2-step verification to prevent unlawful account activity
✅ Keep tabs on financial accounts by setting up alerts to notify you of any suspicious activity that might affect your credit score
If you are involved in a data breach, you will highly likely be subject to scam attempts.
⚠️ Received a suspicious email?
Forward to report@phishing.gov.uk
⚠️ Received a suspicious text message?
Forward to 7726
⚠️ Received a suspicious call?
Text the word CALL and suspicious number to 7726
⚠️ If you think someone is trying to trick you into handing over money / personal details?
STOP hang up, call 159 to speak directly with your bank
Should you be involved in fraud or cyber crime linked to an account suspected of a data breach:
✅ Use the government reporting service to inform the correct person
✅ If you think you are a victim of a sextortion scam, report it to your local police force by calling 101