Happy New Year! Hopefully you followed our previous blog and took steps to ensure you didn't get hacked this Christmas. You have arrived back after the break relieved to find your company’s information is not lost, deleted or locked away. But does that definitely mean you can answer ‘no’ to the question ‘have I been hacked?’
A target for hackers
Hackers target your login details because they’re worth money on the dark web. Your email account login is worth about £1 and your Amazon login’s worth around £20. Hackers can quickly work through your logins and sell them for a profit.
Your business might not hold the kind of information that is of value but if hackers can access your system, they can send out emails that look like they’re yours (or even make a knock-off copy of your website). They can then dupe people that you deal with, and maybe access valuable information there. You could be compromising your clients and customers, employees and suppliers.
Of course, if any services you use experience a hack then they should let you know straight away. Sometimes, though, these messages can be confusing. If you receive a message that says your account has been hacked, it could even be a hacker trying to steal your login details! If you do receive an email saying your personal data might have been compromised, it’s best not to follow the links on the email. We recommend you go directly to the website of your service provider, log in there and change your password details immediately.
You don’t have to wait to receive an email though. You can check for freer whether your personal data has been compromised in a data breach on have I been pwned? This website lists the major hacks that have occurred in recent years. Enter your email address (whether it’s work or a personal one) and the site will list the places where your account may have been breached. It also highlights whether your account details have been seen on hacker posting sites.
What should I do if my account has been hacked?
There are three things you can do straight away:
If any of your accounts have been compromised (or you find them listed on have I been pwned?) log in to them and change the login details straight away. Make sure the new passwords are good ones.
Start to work through all your accounts and change simple passwords for better ones. Password manager Apps (like Dashlane, LastPass, OnePass – there are many to choose from!) can help you create complex passwords that are tough to crack, then the Apps remember them for you.
Make sure that your colleagues also use good passwords – it only takes one weak link in your business to give hackers a good place to attack.
Keeping your accounts safe and secure
A good range of secure passwords is essential to keeping all your accounts safe and secure – both personal and professional. Many people still use simple passwords which are easy for hackers to crack. Or people tend to use the same password for several accounts which means if any one of your login accounts is compromised then hackers can access all your accounts.
Good password practice is just one part of your data protection policy. If you need help or guidance on creating a robust data protection system in your small business, register for Astrid today and see how we can help.
Protect your business - become and remain GDPR compliant with Astrid