Time to MOVEit: What You Can Do After a Big Hack!

Last month, over 230 companies across a myriad of sectors were affected by a significant cyber-attack after hackers found a way to break into the MOVEit file transfer tool, which is widely used by businesses to transfer secure and sensitive data. BBC, British Airways and Aer Lingus are among the big names to have been affected, with more than 100,000 people already receiving warnings that their personal data may have been accessed.

Suffering an attack like this is never a pleasant experience. Inevitably, many people around the UK will now have concerns about what happens next. If you’re unfortunate enough to find yourself in this situation, then it’s important not to panic. The good news is that there are some simple measures that you can implement to mitigate the worst effects of an attack, but it’s important these measures are taken quickly.

At SEON, we work with companies of all shapes and sizes to mitigate the chances of an attack like this happening in the first place. So, as a seasoned member of the online fraud and financial crime prevention community, I wanted to offer the five top tips to readers who may have fallen victim to last week’s events or are just generally scared about identity theft.

1. Don’t Panic, Assess the Damage

First things first, it’s important to try and remain calm in the face of potential identity theft. Having your personal information stolen can be very traumatic, but remaining level-headed can make all the difference to curbing the damage of an attack. What’s more, fraudsters will often deploy secondary attacks shortly after the initial theft, which victims must be cognizant enough to recognize, avoid and report.

Although it can be difficult, always take time to conduct a thorough assessment of the extent of the fraud. Review your financial accounts, credit reports, and any suspicious activity associated with your personal information. Document all fraudulent transactions, unauthorized access, or any other signs of misuse. This information can be crucial further down the line, so make sure you’re gathering it all together.

2. Contact Authorities, Notify Institutions

Dealing with identity theft can be extremely time consuming, but even little steps can end up saving substantial amounts of money in the long run. As with any form of crime, it’s important to report the incident to your local law enforcement agency, providing them with all the evidence and information you have gathered. This step is crucial in establishing an official record of the crime and may aid in future investigations.

Likewise, ensure that you’ve notified your bank, credit card companies, and any other financial institutions where fraudulent activity has occurred. Inform them of the situation, freeze or close compromised accounts, and work with them to secure your financial assets. In the aftermath of an event like this, you’re more likely to be a victim of further fraudulent attacks so make sure you’re extra vigilant for any suspicious activity.

3. Change Your Passwords

It might sound simple, but changing your passwords following an attack is an essential step. Look to change passwords almost immediately following a theft and ensure this effort extends to all online accounts associated with your personal information, including email, social media, and financial platforms. What’s more, utilize strong, unique passwords and enable two-factor authentication whenever possible to add an extra layer of security.

4. Speak with Credit Reporting Agencies

Once in possession of personal details, criminals move on to making use of them. Technically speaking, this is when identity theft becomes identity fraud. Worryingly, fraudsters can then use this stolen information to facilitate very costly attacks, such as loan frauds. As the name suggests, loan fraud involves somebody using a false identity to try and apply for a loan, or mortgage.

By contacting the major credit reporting agencies, alongside your bank and relevant local authorities, victims of identity theft can go some way to preventing this issue. Speak with providers and inform them that you would like to report identity theft on your account. Request a fraud alert be placed on your credit file, which can help alert potential lenders to verify your identity before extending credit.

5. Reinforce Security

As an online fraud and financial crime prevention company, so much of what we do is around ensuring that attacks like in the cost of the MOVEit hack don’t happen in the first place. However, unfortunate incidents do still occur in other cases. Ultimately, when they do it’s important to use such events as a reason to reassess your existing online security and to implement new, reinforced measures that better protect you in the future.

As mentioned, utilize strong, unique passwords wherever possible. Two-factor authentication is another critical component, helping to add an extra layer of security to operations that may make all the difference between fending off, or falling victim to an attack. Finally, ensure the internet-connected devices you rely on, such as your laptop, iPad or mobile phone are all updated with reputable antivirus software.

Identity Theft: A Growing Threat

More than ever, it’s essential that people know these important top tips. That’s because identity fraud continues to rise, with attacks like MOVEit becoming increasingly common. In fact, according to Javelin’s Identify Fraud study, 27 million consumers in the US alone were victims of identity theft scams in 2021. Specifically, recorded data compromises in the US increased by 68% between 2020 and 2021.

Likewise, people must be wary about the growth of synthetic identity fraud, which is also on the rise. This form of fraud occurs when fraudsters combine fake and real-person data together to form a new identity. Unfortunately, synthetic identity fraud can be harder to detect than standard identity fraud because it contains elements of real ID documents. The inclusion of these real details can help pass verification, whereas purely fake profiles are easily flagged.

However, by following the guidance listed in this article, those affected by any form of identity fraud should feel better prepared to prevent any further losses. High-profile hacks like MOVEit underline a growing challenge of our times and reaffirm the importance of modern online fraud and financial crime prevention platforms, and giving everyday people and businesses the advanced tools needed to fight back against fraudsters effectively.