From the recently released Facebook user phone numbers headlines, to disclosed email communications between the Ministry of Defence and third parties, no organisation or enterprise is too powerful to protect against potential hacks. When companies leave their systems vulnerable, enterprise emails can be rifled through by cybercriminals seeking valuable personally identifiable information (PII).
This private information has become a currency of its own, with hackers auctioning off personal records to other criminals or simply using them in schemes of their own. Read on as we expose some of the common uses threat operators will find for confidential data that’s unique to you if they’re able to steal it.
What is PII?
PII includes all data that can be used to identify a particular person. Some examples are straightforward and simple like names, email addresses, telephone, passport and national insurance numbers and bank account numbers. However, PII can cover a diverse range of data including log in credentials, social media posts, digital images, and even biometric information.
What can hackers do with PII?
Along with selling on personal information as mentioned, threat operators may also use PII in identity crimes where they will benefit at their victims’ expense. Numerous online services require personal details and credit card numbers, and hackers may use stolen data to take out a line of credit in their victim’s name, running up debts and ruining financial reputations.
When the PII involves login details, hackers can access service, shopping, and bank accounts altering settings, making purchases, and even locking legitimate users out. PII is often sold on hacker forums to the highest bidder, with purchasers using the information for phishing attacks. These assaults will attempt to steal more personal information from them, like payment card details or credentials, to access other accounts.
If the PII involves content the person would prefer to keep from the public, they may find themselves also a victim of extortion.
How are companies put at risk by PII theft?
Using stolen PII hackers can target specific personnel members to trick them into imparting confidential information, or fool them into authorising the release of company funds. These tactics are known as spear-phishing or whaling, with criminals using this advantage to gain enterprise information or penetrate organisations to spy on them, or deploy malicious software like ransomware.
How can you protect your PII from prying eyes?
At Galaxkey, we have built our most secure platform for enterprise staff to operate safely. Our system offers users an easy-to-use encryption tool that enables them to make their communications and data stores entirely unintelligible to cyber thieves seeking to rummage through inboxes and servers for PII. With a simple drag-and-drop action, your team can encrypt data whether it is being shared, sent or at rest, keeping your company and staff safe.
Our platform has zero backdoors and never stores user passwords. Get in touch to today to experience its premium features for yourself and keep personal data private with a free online demonstration.