Millions unaware their personal details were hacked in recent cyber attacks, study says

More than half surveyed said they did not know their personal details were hacked in recent high-profile attacks
Dominic Lipinski/PA

Millions of British victims of data breaches are unaware their personal data has been stolen, according to research published today.

About 30 high-profile hacks over the past two years were analysed, including on TalkTalk, Yahoo, PlayStation, the AA and Three, with researchers calculating up to 77 per cent of Britons had fallen victim to cybercriminals.

However, of 2,000 customers of these firms quizzed for a survey by credit firm Noddle, 58 per cent said they did not know that their details had been compromised.

Personal information taken by hackers, which often ends up for sale on the dark web, has included names, addresses, phone numbers, bank account details and passwords.

But almost half of survey respondents who knew about the attacks admitted not changing their passwords or being vigilant for phishing emails, despite knowing the fraud risks.

Sixty per cent of customers surveyed said they had not been told by the companies involved and found out only when they read the news.

Noddle said this meant more than 21 million customers of the companies analysed did not know they were affected.

The survey was carried out before the data thefts at ridesharing firm Uber and credit agency Equifax, which suggests the figures could be higher. Noddle said people concerned that they were affected should check credit scores for unusual activity.

An overhaul of data protection laws proposed for next year will force companies to tell customers if there has been a significant breach of data. Firms in the UK that suffer a serious breach could be fined up to £17 million. The current maximum fine that companies can suffer for breaking data protection laws is £500,000.

The Information Commissioner’s Office will have its powers strengthened to help it police the regime.

Jacqueline Dewey, managing director of Noddle, said: “If your personal details are stolen they could be sold on and used to take out fraudulent credit cards, loans, a mobile phone contract or even a mortgage.”

Mike Haley, deputy chief executive of anti-fraud body Cifas, said: “Companies should ensure they are aware of the insider risk as well as doing more to protect and advise customers.”

Create a FREE account to continue reading

eros

Registration is a free and easy way to support our journalism.

Join our community where you can: comment on stories; sign up to newsletters; enter competitions and access content on our app.

Your email address

Must be at least 6 characters, include an upper and lower case character and a number

You must be at least 18 years old to create an account

* Required fields

Already have an account? SIGN IN

By clicking Create Account you confirm that your data has been entered correctly and you have read and agree to our Terms of use , Cookie policy and Privacy policy .

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged in

MORE ABOUT