Data breaches: should companies be doing more to protect our personal information?

Rights, Scams and Politics

Updated on 13 June 2018 | 4 Comments

We're constantly told to keep our data safe but, with more breaches than ever, shouldn't we expect companies to take more responsibility and do the same?

Hackers have accessed details of almost six million Dixons Carphone customers’ debit and credit cards.

The retailer has confirmed an “attempt to compromise” 5.8 million cards, which is believed to have begun last July but only came to light this week.

On top of the bank cards, a further 1.2 million personal data records were hacked.

These files contained details such as customers’ names, postal addresses and email addresses.

Dixons Carphone says it has no evidence of any fraudulent activity as a result but will be contacting those affected to inform them of the breach.

Insider tips from a hacker: how to keep your personal info safe

This should not be happening

The Carphone incident is worrying, but what's really galling is that this is simply the latest in a long list of data breaches in recent times.

Notable lowlights include credit report giant Equifax having the data of at least 143 million customers stolen, while the major Yahoo! data breach meant that all three billion of its user accounts were affected, although the stolen data didn’t include passwords or payment details.

And these are just the ones that make the front pages. At the other, less-reported end there’s a constant flood of firms admitting they failed to keep their customers safe.

For example, Pizza Hut revealed last year that its website and app had been hacked, potentially compromising data including delivery addresses and card numbers.

And Wonga revealed in the spring of 2017 that a data breach may have compromised the financial information of up to 245,000 UK customers.

Frankly, you should be able to use your email, order a pizza and manage your money without the risk of a data leak.

Check your credit report for anything suspicious

Corporate responsibility

As customers, we need to demand that firms keep our data safe and innovate to make it easier for us to protect ourselves.

They are the businesses with the innovation and research budgets, after all; they need to make us a priority.

Emma Mohan-Satta, fraud prevention consultant at Kaspersky Lab, told me: “Financial providers need to continue investing and researching to ensure they are using fraud prevention solutions that are keeping up and keeping their customers protected.

“As new technology emerges, it’s important that financial providers also think about options for making the digital experience easy for customers while still protecting them from fraud.

"For example, behavioural biometrics can be a great ‘invisible’ indicator of whether the genuine customer is accessing the account but doesn’t require any additional action from the customer themselves.

“Financial providers should also educate customers on the latest attacks and offer advice on how to safely use online and mobile services so that consumers can be better informed and help in keeping themselves protected.”

Too right. More responsibility for them and more information and education for us. It is the only way we will keep safe from fraudsters.

Read: what new data privacy laws mean for you

It’s just getting worse

You might like to think that there’s steady, ongoing improvement in the fight against data criminals. After all, surely firms are getting better at securing sensitive information and customers are increasingly good at staying clear of compromising situations?

However, the US-based Breach Level Index, a global assessment of compromised data records, there were more data breaches in the first six months of 2017 than in the whole of 2016.

The data provided by the index is staggering. Less than 1% of the stolen, compromised or lost records were encrypted. Encryption would mean the thieves would be unable to use the data.

In the report, created by the company behind the index, Gemalto, the message was clear – poor internal security is helping fuel the rise in data theft.

Let’s be frank, it doesn’t matter how great our passwords are if the businesses we share our data with don’t do enough to protect our data at their end.

And finally

One last thought. It may seem as if everything is done electronically and online now. However, we are still at the beginning of our connected, digital era.

In the future, cars will be connected to one another, medical records will be connected via the web, even our smart houses and appliances will have an online presence.

Without far more serious action on the part of companies to keep our data safe and make that a priority, we face a future with even more fraud and all the resulting frustration, wasted time and lost money.

Not sure if you've been a victim of fraud? Check your credit report for anything suspicious

 

 

Comments

Be the first to comment

Do you want to comment on this article? You need to be signed in for this feature

Copyright © lovemoney.com All rights reserved.

 

loveMONEY.com Financial Services Limited is authorised and regulated by the Financial Conduct Authority (FCA) with Firm Reference Number (FRN): 479153.

loveMONEY.com is a company registered in England & Wales (Company Number: 7406028) with its registered address at First Floor Ridgeland House, 15 Carfax, Horsham, West Sussex, RH12 1DY, United Kingdom. loveMONEY.com Limited operates under the trading name of loveMONEY.com Financial Services Limited. We operate as a credit broker for consumer credit and do not lend directly. Our company maintains relationships with various affiliates and lenders, which we may promote within our editorial content in emails and on featured partner pages through affiliate links. Please note, that we may receive commission payments from some of the product and service providers featured on our website. In line with Consumer Duty regulations, we assess our partners to ensure they offer fair value, are transparent, and cater to the needs of all customers, including vulnerable groups. We continuously review our practices to ensure compliance with these standards. While we make every effort to ensure the accuracy and currency of our editorial content, users should independently verify information with their chosen product or service provider. This can be done by reviewing the product landing page information and the terms and conditions associated with the product. If you are uncertain whether a product is suitable, we strongly recommend seeking advice from a regulated independent financial advisor before applying for the products.