Imagine logging into your online banking account only to find that your entire savings have disappeared. Or, going to log into your email account only to find that the password has been changed without your knowledge and some stranger now has access to your entire email history.
Unfortunately, this type of situation is not uncommon. Online identity theft — when a cybercriminal gains access to your personal information to steal money or gain other benefits — is a very real problem that many individuals are now having to contend with.
Given the amount of time we spend online and the kind of personal information that we share with websites, social media platforms, and online stores on a daily basis, it is no surprise that cybercriminals see identity theft as a viable and profitable form of crime. For victims, the consequences of this illegal behaviour can be devastating.
So, if you have just been informed that your information was illegally obtained in a data breach, read on to discover what your next steps should be.
What do cybercriminals want with my personal information?
A good question! Hackers are typically looking for personally identifiable information so that they can gain access to financial accounts or sell that information onto other online criminals.
Personally, identifiable information can include your:
- Name
- Date of birth
- Driver’s license number
- Address
- Place of birth
- Credit card details
- Tax file number
- Medicare number
- Passport information
- Online account login details (for social media, email etc.)
If the hacker chooses to sell your information onto others, they will typically do so via dark web forums. What is the dark web? Well, it’s a part of the internet that is inaccessible via normal search browsers and is often associated with illegal activity — including identity theft and the sale of personal information.
Your data can fetch quite a profit when sold through on the dark web.
Warning signs of identity theft
In Australia, and many other parts of the world, companies are required to inform customers if their information has been stolen in a data breach. Unfortunately, many businesses don’t realise that they have been targeted until it is far too late.
With that in mind, keep an eye out for these classic warning signs that you are a victim of identity theft:
- There is unusual activity on your credit or debit cards
- You receive bills for purchases you have not made
- You are contacted by debt collectors
- You are refused a loan due to bad credit (that you knew nothing about)
- A government agency informs you that you are receiving a benefit that you never applied for.
My data has been stolen — what should I do?
First things first — make sure you have a good support network around you. Identity theft can be stressful and have devastating consequences. If you are feeling overwhelmed and upset by what has occurred, reach out to friends, family, and professional services.
Your next step should be to contact your financial institutions and let them know that your information has been breached. Your bank and credit card provider will have a standard set of steps that they follow in this situation — it may include cancelling your card, shutting down your account, and monitoring your activity for further suspicious behaviour.
You should also reach out to experts who specialise in identity theft. In Australia and New Zealand, IDCARE is the company that you are looking for. IDCARE is Australia and New Zealand’s national identity and cyber support service and can provide response strategies for both individuals and businesses who are victims of a cyber breach.
Finally, you should look to prevent the situation from occurring again. This can be difficult — in many cases, it is not your fault that your information has been stolen by criminals and is now on the dark web. However, there are strategies that you can employ to reduce the severity of the damage:
- Practise good password security: Never use the same password for multiple accounts/devices and ensure that your password is strong and difficult to crack. Don’t use any easily guessed personal information in your password (such as your name or date of birth) and consider using a password manager to encrypt and store your login credentials.
- Use a separate credit card for online purchases: First up, never use a debit card when shopping online. A credit card has added security features and in some situations, your credit card provider may be able to reimburse you if your card is stolen and used by others. Plus, using a separate credit card for all online purchases means that your savings are completely safe.
- Invest in dark web monitoring: Dark web monitoring is an invaluable security tool offered by many internet security providers. Should your information be breached and uploaded to the dark web, your security provider will alert you so that you can take appropriate steps to mitigate the damage.
In the digital age, identity theft is an unfortunate reality that many of us have to deal with. Knowing what steps you should take in the case of a data breach (and making the most of dark web monitoring) is a small thing you can do to protect yourself online.
 is a small thing you can do to protect yourself online.){kind=link}