People everywhere are worried about keeping their private data confidential when using digital technology, but convenience usually outweighs concern people have about encryption and what happens after sensitive information becomes public. How is your data being gathered? What do companies or governments who harvest personal information do with it and what happens when a hacker gets your details?
People would be surprised to know how data is collected and what’s done with it. Let’s examine some of these questions to further understand why safeguarding your personal data is crucial.
Governments worldwide use the power at their disposal to gather data on citizens who they perceive to be a threat, like activists, political rivals, journalists and others. Vice reported that border agents seize tens of thousands of digital devices every year from travellers, even when they haven’t been charged with a crime.
The information extracted from these devices is then uploaded into a searchable database and retained for up to 75 years, including sensitive information like GPS history, text messages, emails, social media posts, photos, transaction records, financial accounts and more.
The idea of a centralized collection of personal data gathered from people who aren’t even charged with a crime is disturbing. Can an entity that goes to such elaborate lengths to compile this much sensitive data on innocent people be trusted to use it responsibly?
Corporate Data Harvesting
Most free app developers tell users they take digital security seriously, often proclaiming their product has “end-to-end encryption.”
However, while many do use encryption on data in transit, none of these free apps can promise encryption at rest. And the majority have policies to sell the data they collect from users to third-party marketing companies. Sometimes, users don’t realize how much personal information they turn over to companies when they agree to the permissions on these apps.
This is potentially dangerous. The stakes are high when hackers obtain all the information available from millions of people. In June 2020, the data from one-fifth of all Facebook users appeared for sale on an online forum. By April of the following year, a dataset of 500 million Facebook users became available for free to download by anyone online.
Hackers want to make money from the data they steal, but they also make it widely accessible to large numbers of people to increase their prestige within the hacker subculture. In other words, they’re leveraging stolen data for profit, but they’re also driven to give it away for free.
Companies and businesses need privacy to keep up with digital threats, staying a step ahead instead of constantly being a step behind. It’s all too common for people to conduct business through platforms where leaks have occurred.
Secure features such as ChatMail encrypted calling let managers and executives keep up with the pace of business in a way that’s fundamentally safe. It’s essential to avoid using third-party platforms that put them at risk. Using a platform with features that are built for security from the ground up keeps you connected without risking your privacy.
What Can Happen to Stolen Data?
Companies that harvest data may use it in a way that negatively impacts your business. What happens to your data after a breach? Back in 2015, researchers sought to answer this question by posting fake employee credentials online to an anonymous dark web file-sharing site, which they would then track to learn where stolen data goes.
Embedding a hidden watermark in files the researchers were able to find out information about the person who opened it, including their geolocation, IP address and device type. In just a few days, the data reached more than five countries on three continents and gained over 200 views. Less than two weeks later, it reached more than 22 countries and had over 1,000 views.
Deeper analysis revealed a high rate of activity among two cybercrime syndicates from Nigeria and Russia. The dark web’s organized marketplace for criminal activity includes data harvested from breaches. These data resellers are even formalized to the point where suppliers, who number in the hundreds, have user reviews from people who have purchased their stolen data.
In 2020, Verizon concluded in a study that most data theft is driven by financial motives rather than mischief or grudge settling. Typically, hackers steal data then ask for ransom, or they’ll sell the info they stole on the dark web. Financial hacks are six to seven times more likely to occur than those driven by ideology or something else.
High-profile hacks like the one conducted in 2014 against Sony had a double effect: the hackers threatened to publish sensitive information unless their demands were met and once they were, the hackers published the stolen data anyway. Sony had to pay millions to compensate employees whose data was stolen and published online and suffered vast economic and operational damage.
Companies like IBM are now opposed to paying a ransom because there’s no guarantee the hackers will deliver on their promise. How trustworthy can data thieves possibly be?
Sometimes the hacker doesn’t steal information but prevents users from accessing their own computer until they get a ransom. Even in these cases, the payment isn’t the only problem.
Ultimately, once you’ve been hacked, the best possible outcome is still quite grim. Using an encrypted phone line on a platform designed for maximum security prevents this scenario from even arising.
Trying to find out what happens to your data after a breach is not something you want to experience. Best to heed the warnings and use a hardened device with security features that intentionally doesn’t allow third-party apps, to ensure your privacy.