Data breaches: should companies be doing more to protect our personal information?

We're constantly told to keep our data safe but, with more breaches than ever, shouldn't we expect companies to take more responsibility and do the same?

Hackers have accessed details of almost six million Dixons Carphone customers’ debit and credit cards.

The retailer has confirmed an “attempt to compromise” 5.8 million cards, which is believed to have begun last July but only came to light this week.

On top of the bank cards, a further 1.2 million personal data records were hacked.

These files contained details such as customers’ names, postal addresses and email addresses.

Dixons Carphone says it has no evidence of any fraudulent activity as a result but will be contacting those affected to inform them of the breach.

Insider tips from a hacker: how to keep your personal info safe

This should not be happening

The Carphone incident is worrying, but what's really galling is that this is simply the latest in a long list of data breaches in recent times.

Notable lowlights include credit report giant Equifax having the data of at least 143 million customers stolen, while the major Yahoo! data breach meant that all three billion of its user accounts were affected, although the stolen data didn’t include passwords or payment details.

And these are just the ones that make the front pages. At the other, less-reported end there’s a constant flood of firms admitting they failed to keep their customers safe.

For example, Pizza Hut revealed last year that its website and app had been hacked, potentially compromising data including delivery addresses and card numbers.

And Wonga revealed in the spring of 2017 that a data breach may have compromised the financial information of up to 245,000 UK customers.

Frankly, you should be able to use your email, order a pizza and manage your money without the risk of a data leak.

Check your credit report for anything suspicious

Corporate responsibility

As customers, we need to demand that firms keep our data safe and innovate to make it easier for us to protect ourselves.

They are the businesses with the innovation and research budgets, after all; they need to make us a priority.

Emma Mohan-Satta, fraud prevention consultant at Kaspersky Lab, told me: “Financial providers need to continue investing and researching to ensure they are using fraud prevention solutions that are keeping up and keeping their customers protected.

“As new technology emerges, it’s important that financial providers also think about options for making the digital experience easy for customers while still protecting them from fraud.

"For example, behavioural biometrics can be a great ‘invisible’ indicator of whether the genuine customer is accessing the account but doesn’t require any additional action from the customer themselves.

“Financial providers should also educate customers on the latest attacks and offer advice on how to safely use online and mobile services so that consumers can be better informed and help in keeping themselves protected.”

Too right. More responsibility for them and more information and education for us. It is the only way we will keep safe from fraudsters.

Read: what new data privacy laws mean for you

It’s just getting worse

You might like to think that there’s steady, ongoing improvement in the fight against data criminals. After all, surely firms are getting better at securing sensitive information and customers are increasingly good at staying clear of compromising situations?

However, the US-based Breach Level Index, a global assessment of compromised data records, there were more data breaches in the first six months of 2017 than in the whole of 2016.

The data provided by the index is staggering. Less than 1% of the stolen, compromised or lost records were encrypted. Encryption would mean the thieves would be unable to use the data.

In the report, created by the company behind the index, Gemalto, the message was clear – poor internal security is helping fuel the rise in data theft.

Let’s be frank, it doesn’t matter how great our passwords are if the businesses we share our data with don’t do enough to protect our data at their end.

And finally

One last thought. It may seem as if everything is done electronically and online now. However, we are still at the beginning of our connected, digital era.

In the future, cars will be connected to one another, medical records will be connected via the web, even our smart houses and appliances will have an online presence.

Without far more serious action on the part of companies to keep our data safe and make that a priority, we face a future with even more fraud and all the resulting frustration, wasted time and lost money.

Not sure if you've been a victim of fraud? Check your credit report for anything suspicious




Be the first to comment

Do you want to comment on this article? You need to be signed in for this feature

Copyright © All rights reserved.