Consumers still failing to protect their own personal data

According to a leading security adviser at People Security, the proliferation of social networking sites and the careless use of their platforms by unsuspecting consumers is putting personal data at risk. During a speech at the European RSA Conference, Hugh Thompson outlined three techniques by which publicly available data harvested online could be used against the average consumer.

The first two techniques both involve the conversion of public data into private data; primarily by direct means and also through cumulative data strategies. This involves extrapolating private data from existing public data through combining various pieces of personal information. This can be used to find out credit card numbers, amongst other things.

The last of the trio of techniques is frequently used by the media in building stories from limited information. By collating data from various sources it can be possible to analyse and construct a larger picture. Thomson used the example of multiple executives from the same company seeking recommendations simultaneously. This would suggest that they were jumping ship to avoid disaster at a particular firm, rather than simply looking for a career change. This shows how publicly available data can be used to form a picture of a private individual’s situation if publicised carelessly.

Thompson identified one final weakness relating to online password systems operated by many sites. The ability to reset the password of an account with minimal information, often only the email address of the user, by using the ‘forgotten password’ function, is ripe for exploitation. Former Republican vice-presidential nominee Sarah Palin was subjected to an attack of precisely this nature during last year’s campaign.

Thompson did not offer solutions to all of the issues he raised. Rather, his intention was to raise awareness of the wider issue of personal data protection. One suggestion that anyone can follow in assessing their own vulnerability is to spend some time Googling their own name. Thompson believes that many will be dismayed as to the level of information that can be identified in this way, much of which could prove useful to a potential identity thief.

Leave a Reply

Our Customers

  • ATOS
  • Age UK
  • Alliance Pharma
  • Liverpool Football Club
  • CSC
  • Centrica
  • Citizens Advice
  • City of London
  • Fujitsu
  • Government Offices
  • HCL
  • LK Bennett
  • Lambretta Clothing
  • Leicester City
  • Lloyds Register
  • Logica
  • Meadowvale
  • National Farmers Union
  • Network Rail
  • PKR

Sales question? Need support? Start a chat session with one of our experts!

For support, call the 24-hour hotline:

UK: 0800 999 3600
US: 800-220-7013

Or, if you've been given a screen sharing code:

Existing customer?

Click below to login to our secure enterprise Portal and view the real-time status of your data protection.

Login to Portal