The recent national cyber attacks on Marks and Spencer and the Coop have resulted in empty shelves in some of Jersey’s supermarkets in recent weeks. However, while the lack of food has caused issues for Islanders, in the UK customers have been told that the attackers gained access to their personal data, including contact details, date of birth, and online order history.
These cyber attacks have shown that our personal data is vulnerable, and we need to protect it.
Our friends at the Jersey Cyber Security Centre, who, along with the Jersey Consumer Council and other local organisations and businesses, are a member of the Jersey Fraud Prevention Forum, have issued some important guidance on what to do if you think your data has been breached in an attack, as well as steps you can take to protect yourself against future attacks.
We thought we’d share the JCSC’s tips with you, to help keep you safe:
Look out for updates from the company
A company who has experienced a cyber attack should communicate directly with customers. They may email you, post on their social media channels, or issue statements to the media.
Make sure to follow all the advice they give in their communication.
Change your passwords
The company may not be able to confirm which accounts have been affected by the attack. But, as a precaution, you should change the password you use with that company. You should also make sure to have a good, unique password. Three random words can make a good password as the combination is easy for you to remember, but hard for an attacker to guess. If the password affected is one you use for other accounts too then you should change those as well.
Often, attackers who have your password will try logging into your other accounts, in case it gives them access, so it is recommended that you use unique passwords for all your accounts.
Use this opportunity to pick up good habits
You can take this opportunity to pick up good habits that can protect you from future attacks.
Firstly, if you’ve created good, unique passwords for your accounts, you may need help remembering them all. Password managers – like 1Password and LastPass – can help. They can suggest strong passwords, and store them securely. This means that you can create good, unique passwords, and not worry about forgetting them.
Secondly, you should set up Two Step Verification (2SV) for every account that offers it. 2SV – also known as Multi-Factor Authentication (MFA) – can help protect you against future attacks.
2SV asks you for an extra piece of information when you try to log in. This could be a PIN, a code sent to your email, or for a fingerprint or face scan. Even if a hacker has access to your password, they’re unlikely to be able to provide the second step. And that means they won’t be able to access your account.
Thirdly, check which of your accounts have appeared in data beaches. Visit haveibeenpwned.com to find out where your email address has appeared in a data breach, and what other information was breached.
You can also find more information about how you can protect yourself on the Jersey Cyber Security Centre’s website, jcsc.je or by emailing hello@jcsc.je or calling 500050.
Beware of travel scams
Watch out for Valentine's Day romance scams
Tips to protect yourself from Amazon impersonation scams