It was revealed on Tuesday 17 October 2017 that South Africa had been hit by the worst data breach in its history. The personal information of more than 30 million South Africans – more than half of the total population – was leaked online, potentially causing identity theft for each one of the affected individuals. The leaked data includes names, ID numbers, income information, employment history, phone numbers and home addresses of everyone on the list.
The leaked information, contained in a 27GB file dating to 2015, was discovered by an Australian Internet security provider, Troy Hunt.
“When a huge amount of personal information is stolen, it can be used to steal bank account information or open bank accounts in that person’s name,” said Marty P. Kamden, CMO of NordVPN (Virtual Private Network). “Cybercriminals are not different from thieves who break into someone’s house – they just operate on a much larger scale, and are therefore even more dangerous. Governments still struggle with solutions for such massive-scale hacks, so our advice is for people to take their privacy into their own hands.”
In this current climate of uncertainty following the revelations of the leak, NordVPN has identified steps that Internet users should follow regardless of whether they were affected by a data breach or not.
Here are the 9 security tips highlighted by NordVPN:
1. Use only https URL. Make sure all websites that you give your data to have the secure https URL. The ‘s’ in the URL means that it is a secure protocol and your data is encrypted properly.
2. Use a VPN (Virtual Private Network). VPNs connect you to the Internet through an encrypted tunnel. VPN server acts as a relay between the Internet and a company’s device, so nobody can see what data is being shared over the Internet. All that can be seen is that you are connected to a VPN server. A VPN service provider, such as NordVPN, can offer multiple benefits to small businesses and individuals, including secure data connections for remote workers and increased safety for business owners to share sensitive company data via an encrypted connection, so it’s not seen by any third parties.
3. Avoid downloading files from unknown senders. The rule is simple: if you are not familiar with the sender, better don’t click to download any attachments or any links they might be sending.
4. Update your firewall. Most systems have an automatically installed firewall–just make sure you follow up with its regular updates.
5. Use antivirus. Use an updated virus protection to make sure your system is protected from malware such as malvertising (advertisement online with malicious codes).
6. Strong passwords. Perhaps the most basic requirement for any online account setup is using strong passwords. Weak passwords make it simple for hackers to break into your system and cause severe damage.
7. Update your operating system. It sounds simple and easy to do, but sometimes we ignore the pop-up reminders for software updates. However, it’s one of the most important things to do with a computer, as the updates fix security vulnerabilities and system bugs.
8. Secure your mobile. If you are happy that your system is now secure, you might be forgetting one important part – your mobile devices. You probably store important passwords on your smartphone and other sensitive information, therefore, remember to encrypt your phone either.
9. Do not provide your private information to any third party. When you need to enter your personal data anywhere online, provide it only if it’s absolutely necessary. You never know where it will end up.