The National Cyber Security Centre publishes new Data breaches guidance on Data Privacy Day

The National Cyber Security Centre (NCSC) has today published new guidance to help individuals avoid being scammed following data breaches against organisations.

  • The National Cyber Security Centre (NCSC) warns the public of the threat to their personal data following cyber attacks or breaches after 46% of UK businesses reported incidents in the last year

  • New guidance published on international Data Privacy Day encourages people to look out for suspicious emails and consider changing passwords

  • Public encouraged to visit www.cyberaware.gov.uk for key advice on staying safe online

With nearly half of UK businesses reporting a cyber breach or attack in the past year, the National Cyber Security Centre (NCSC) – a part of GCHQ – has produced guidance to help individuals and families stay safe in the aftermath of a breach. Criminals can use information taken from a breach, such as email addresses, to send phishing messages to try and trick people into handing over sensitive personal data like credit card details. The guidance – published on international Data Privacy Day – explains what data breaches are, how they can affect people, and steps to take if their data may have fallen into the hands of cyber criminals as a result of a breach. For example, if people receive a message that includes a password they have used in the past, the recommendation is to change the password immediately to one that uses 3 random words. The majority of scams against individuals can be defended against the majority of the time by following the six behaviours set out in the cross government Cyber Aware campaign – and the NCSC is encouraging people to follow the advice set out at www.cyberaware.gov.uk.

Sarah Lyons, NCSC Deputy Director for Economy and Society, said: “With so many aspects of our lives now managed online, people understandably want to know that their personal data is secure. “Data breaches against organisations might seem like distant events, but they can have real-world consequences to individuals. “I encourage everyone to follow the steps in our ‘Data Breaches: Guidance for Individuals and Families’ to help you stay secure online.”

The guidance, Data breaches: guidance for individuals and families, sets out the steps to take if your data may have fallen into the hands of cyber criminals as a result of a breach, including

  • being alert to suspicious messages after the breach is made public which talk about ‘resetting passwords’ or ‘receiving compensation’;

  • receiving a suspicious message that includes a password you’ve used in the past;

  • checking for unauthorised activity on your online accounts, and;

  • what to do if you suspect an account of yours has been accessed.

Alongside the new advice, the NCSC is encouraging anyone who receives a suspicious text message – such as those relating to the NHS coronavirus vaccination campaign - to forward it to 7726. Suspicious emails should be forwarded to report@phishing.gov.uk. Those who do fall victim to online fraud should contact their bank immediately and report it as a crime to Action Fraud. The NCSC is also delivering the cross government ‘Cyber Aware’ campaign aimed at helping people in the UK to stay as secure as possible when online. The Cyber Aware campaign encourages the public and small businesses to adopt six behaviours to protect their online accounts and devices. These are:

  • Use a strong and separate password for your email

  • Create strong passwords using 3 random words

  • Save your passwords in your browser

  • Turn on two-factor authentication (2FA)

  • Update your devices and apps

  • Back up your data

The campaign is supported by leading organisations such as Microsoft, Vodafone, BT, ASOS, Barclays and Citizens Advice, who are actively helping their customers adopt Cyber Aware’s key behaviours.

The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the West Midlands is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others.  Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the West Midlands provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

 

The Cyber Resilience Centre for the West Midlands does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the West Midlands is not responsible for the content of external internet sites that link to this site or which are linked from it.

The Cyber Resilience Centre for the West Midlands is a trusted resource for  support to protect businesses and third sector organisations in the West Midlands region.

USEFUL LINKS

CONNECT WITH US

  • LinkedIn
  • Twitter
  • YouTube

© 2021 - The Cyber Resilience Centre for the West Midlands

The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the West Midlands is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others.  Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the West Midlands provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

 

The Cyber Resilience Centre for the West Midlands does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the West Midlands is not responsible for the content of external internet sites that link to this site or which are linked from it.