With the increasing integration of technology into our daily lives, personal security breaches have become alarmingly common. Where it was once standard to have separate devices for personal and work use, it is now the norm to rely on a single device for everything. This convenience is offset by the potentially devastating consequences of a compromised or stolen device, where both personal and professional information are vulnerable to exploitation. At Valkyrie, we routinely assist clients who have fallen victim to device theft. In one recent incident, an individual’s phone was stolen, criminals accessed his PIN, and compromised several apps, successfully transferring funds through various banking apps.
The individual was deeply concerned about being targeted by a criminal campaign, including phishing and potentially physical harm. Additionally, there were fears that personal and commercial information on the stolen device might have been accessed and shared. Concerns extended beyond personal safety to the reputational consequences for both the individual and their firm. In an era where reputation can be easily tarnished by exposed private information, protecting digital privacy is paramount.
Working with this individual, Valkyrie implemented a long-term security strategy. However, the incident highlighted the need to act swiftly post-incident to mitigate threats:
- Report the theft to local authorities and your IT/security teams to wipe the device, restrict access, and use location apps.
- Monitor financial accounts for unauthorised transactions and report suspicious activity to your bank.
- Update all passwords and PINs
- Use Multi-Factor Authentication (MFA) for all apps and services. Note that MFA is ineffective if a malicious actor has your phone since they can access your passwords and authentication. To prevent this, set your phone to lock quickly after inactivity and use fingerprint or face recognition whenever possible.
- Activate critical phone settings like ‘Find My Phone,’ data erase after failed attempts, disabling notification previews, and encrypting the device.
- Ensure sensitive data accessed by the stolen device is secure and review access logs for unusual activity.
- Conduct a security awareness session to prevent future incidents.
By acting quickly and taking these steps, individuals can protect personal information and mitigate reputational impact. This incident underscores our dependence on smartphones, which hold vast amounts of personal and business information. The key to safeguarding privacy is vigilance and proactive security measures, ensuring both personal safety and professional reputation remain intact.
Above all, take care of your device, stay proactive in your defences, and if the worst happens, act swiftly and decisively.
