Last week consumer data that may have been stolen from an FBI laptop was posted online. How do you guard your work computer?
A group of hackers claims to have stolen the IDs of 12 million Apple devices from an FBI laptop. Possibly yours.
These IDs are like serial numbers for iPads and iPhones – except they’re also linked to personal information, including cell phone numbers, addresses, user names, and other details that could be used for identity theft.
The FBI has denied both the theft and having the data in the first place. A company called Blue Toad that makes apps and digital platforms later claimed it was the one hacked. But wherever the data came from, hackers leaked what they claim are 1 million of those IDs, stripped of the personal data. You can find out if your device number was leaked at The Next Web. (They also tell you how to locate your number – it’s in iTunes.)
It’s not clear how the data was stolen – if the hackers were telling the truth about the method but not the source, then they exploited an outdated piece of software on an employee’s laptop. They could do the same to yours.
And there are easier ways a hacker can access your computer that not enough people think about. A recent CareerBuilder survey of more than 3,800 workers found a majority don’t lock up their laptop when away from their desk. Some freely shared their passwords and made other silly mistakes. Here’s what you can do to protect your computer (including your personal device)…
1. Use a complex password
Enable a log-in password on your computer if it doesn’t already have one. Make sure it’s not one you use elsewhere and not one you’ve shared with anyone else. The survey reports 27 percent have heard a co-worker give out a password – and 12 percent admitted to keeping the password written down nearby. Not smart, since your co-worker could be an identity thief.
The best passwords are long, contain special characters or nonconsecutive numbers, and either don’t use real words or are several words nonsensically chained together, something like: “wrenchsqueeze3ightmonkeyyel!0w.”
2. Maintain updated software
Nine percent of those surveyed admitted to downloading a virus at work. If your employer doesn’t provide antivirus software – or if it stinks – try Microsoft Security Essentials. It’s free and good. (Mac users, try Avast!)
Also keep any Web browser plug-ins you need for work – such as Java, Flash, and Adobe Reader – up to date. It’s a chore, but that’s exactly why hackers target them. CSO, a security and risk management publication, says these exploits can have high success rates because “users are not deploying the available security updates in a timely fashion.” If you can avoid using Java altogether, you should – lately it’s a hacker favorite.
3. Avoid suspicious links, websites, and attachments
Take extra care to avoid clicking sensational headlines on social media, and watch your typing: Going to appple.com instead of apple.com could put you at risk of a virus. Hackers snatch up these “typosquatter” domains you might accidentally visit. Also avoid opening email attachments from people you don’t know – because 18 percent said they did this or visited an unsecure website.
4. Prevent physical theft
Protecting your files online is important, but so is making sure somebody doesn’t walk off with the computer while you’re in the bathroom – 1 in 20 workers surveyed experienced such a theft. So get a laptop security cable (less than $15) and use it when you’re away from the computer. And don’t leave the laptop in your car.
5. Get tracking software
Get permission from your boss or IT guy to install software that can locate your laptop if it gets stolen – and possibly identify the thief through its webcam. There’s a free (or for multiple devices, cheap) program called Prey that works for most major operating systems. Check out this funny story I did about a guy who used it to catch a laptop thief from hundreds of miles away.
6. Separate personal and professional
The survey mentioned earlier found 48 percent had company info on their laptops, and 27 percent had client information. That might be unavoidable – but 18 percent also had personal financial details and other information – which is an unnecessary risk. Keep those files on your personal home computer or a removable hard drive.