The RCIPS Financial Crimes Unit issued a fresh reminder on Thursday (22 November) about protecting yourself online.
It comes as a significant amount of money was stolen after a historic online data breach.
The RCIPS did not share further details on the incident.
They have suggested you have a new password for every website you use, not to use your email address as a username and to be vigilant about changing your password if you experience a data breach.
If you are worried your email account may have been compromised, you can contact the FCU directly: RCIPS.FCU@gov.ky or at 949-8797.
See the full RCIPS statement below:
The RCIPS Financial Crime Unit has been made aware of an incident where a significant amount of money was stolen from a local individual as a result of their email information being compromised.
It is strongly suspected that the hackers were able to obtain the individual’s login information as a result of a data breach of a commercial website’s user database, which occurred several years ago. In light of this the FCU is taking the opportunity to remind members of the public to take steps to ensure the safety of their email and login information with the following tips:
1) As a general rule it is strongly advised to use an entirely different password for each website you use. You may wish to consider using a password manager to organize and retrieve strong passwords securely.
2) It is also advised to avoid linking your email address to websites through use of your email as a username, especially email addresses that are used to conduct sensitive business and financial transactions.
3) Most specifically, it is important to change your passwords immediately if a service you have been using experiences a data breach. If you are currently aware of any such breaches that may affect you and you have not changed your passwords yet, you should still do so immediately. It’s important to remember that even though a breach may have occurred some time ago, your information is still out there and could be used at any time. Just because you have not seen any suspicious activity yet does not mean it cannot still happen.
Because of the possibility that you may be unaware that a site you are using has suffered a breach, it may also be a good idea to proactively check an online breach database to see if any site you use has been compromised. One example is the website www.haveibeenpwnd.com , which can display any services associated with an email address you enter, and list which of those services has experienced a data breach. Again, if any of the sites which use that email address have been compromised, you should immediately change any passwords associated with that email address.