Latest news with #personalData
New York Times
3 days ago
- New York Times
Your Phone Is Stolen. Your Laptop Gets Lost. Here's What to Do.
Miguel Porlan for NYT Wirecutter By Dave Gershgorn Dave Gershgorn is a writer covering monitors, laptops, and tablets. He is a certified display calibrator through the Imaging Science Foundation. Updated June 26, 2025 On a humid August night in Ferguson, Missouri, about 10 years ago, my phone was stolen. I was working as a photojournalist covering the protests against Michael Brown's killing, and amidst the bustle of the packed street, my phone was snatched out of my lap. I chased after the thief, but as we made a turn off the boulevard, and the streetlights grew sparse, I gave up. My phone was gone. That had never happened to me before, and I felt completely lost. I was far from my home in New York, I had no way to communicate with my family and friends and no way to get up-to-date information about what was happening around me, and I didn't have my saved travel plans or airline ticket home — or even any music. And suddenly all of that information was in someone else's hands. After I returned home, I bought a new phone and set it up from scratch. I still had my photos and contact data saved in Apple's iCloud, but to this day, I don't know everything I might have lost. A decade later, it's much easier to recover a phone — and all the personal information on it. Apple, Google, and Microsoft have each built location-tracking services, which allow you to track your device's last known location on a map in real time. Google added an AI-powered feature to Android phones that is designed to detect when your device has been snatched and locks the phone screen to make it harder for a thief to access your data. Although these tools give you options if your device is stolen, they don't ensure that your data is completely protected. Dave Lewis, global chief information security officer at identity security company 1Password, told Wirecutter that the average criminal might not be able to circumvent facial recognition or a fingerprint reader and will most likely flip the device to someone else for parts. 'But for an attacker with any sort of technical savvy, if they have physical access to the device, it's game over,' Lewis said. Today, I would do things differently, taking a few steps before my device is stolen as well as after. This is what I'd do. Explore all articles 1. Enable your device's Find My device-tracking tool. Finding your phone is easier if you have its Find My location-tracking feature enabled. Apple, Google, and Microsoft all have versions of this tool, which allows you to locate your device on a map, display a message on its lock screen, or play a sound on it remotely so that you can try to find it if it's nearby. We also recommend turning on a feature in iOS called Stolen Device Protection, which requires the person unlocking your phone to verify their identity with Face ID or Touch ID, wait an hour, and then verify again before being able to change sensitive information such as account passwords. Google has made a similar feature, called Identity Check, available for some Android phones. 2. Set your device to automatically create backups. Unless the phone's data is backed up, security experts told us that it's nearly impossible for the average person to retrieve information from their phone once it's already lost or stolen. If your phone is lost or stolen, you'll still be able to access data on Instagram or even your to-do list app, since most apps store information in the cloud and send it to your phone when you need it. But all the little things that make your phone yours, such as your settings and backgrounds, the way you arrange your apps, and anything you might have saved locally in your Files app, can be saved only if you've backed them up beforehand. Both iOS and Android let you schedule regular automatic backups of all your apps and settings, which is absolutely essential. If you have a recent copy of your backup and don't need any of the information on the phone, you can remotely wipe all the data off it without losing too much. Otherwise, you're stuck trying to find and recover your phone. 3. Encrypt and back up your laptop. It can be particularly challenging to recover data from a stolen or lost laptop, since you're far more likely to have saved files to its hard drive rather than storing them in the cloud. By encrypting your hard drive, which is an option in both macOS and Windows, you can prevent attackers from extracting that data with their own tools if they don't have your password. We also recommend backing up your important files to an external hard drive that you store in a safe location, so you can recover your photos and documents even if your laptop is gone for good. 4. Use a password manager. A password manager is an essential service that we recommend to improve your online security. (We recommend 1Password or Bitwarden.) It works by creating and autofilling unique passwords for all of your accounts, and in turn you need to remember and safeguard only the master password to the password manager. Your data stays encrypted until the master password is entered, and you can deauthorize the device if it's stolen or lost to remove the potential of your passwords being accessed altogether. 5. Turn off message previews and lock Control Center access. If anyone looking at your phone can see messages as they pop up, that means thieves can also see two-factor authentication codes. That gives the thief an opportunity to crack into any accounts that send you a code when you log in. iOS and Android both give you the ability to hide message previews until your phone recognizes your face. (If you mark your phone as lost in the Find My feature, that automatically turns off message previews remotely.) You can also turn off certain features of the lock screen, such as the Control Center, which gives quick access to Wi-Fi and other settings, until the phone has been unlocked by facial recognition. Share this article with a friend. Prevention, as they say, is the best cure, but life doesn't always unfold so neatly. If your phone, tablet, or laptop gets lost or stolen right this moment, don't panic. Here are the things you should do. 1. If your device was stolen, report the theft. Immediately after your device is taken, report it stolen to the police. If the missing device is a phone, report it to your cell carrier. Many carriers require you to give a previously established PIN to verify your identity and will then freeze your number (for more details, see information from AT&T, T-Mobile, and Verizon) until you add a new phone. The carrier will then block the old phone's unique serial number from connecting to its network. 2. Remotely lock down the device. If you enabled the Find My feature prior to the loss or theft, both Apple and Google give you options to remotely lock down your device. For an iPhone, you can visit Find Devices and mark the item as lost. For an Android phone, navigate to the Secure device setting in Google's location-tracking tool. Locking down the device makes it harder for thieves to access your Google account, pay using saved cards, or see alerts. 3. Revoke access to apps and remove multi-factor authentication. If a thief has your phone and is able to unlock it somehow, you should limit their ability to receive one-time passwords for your bank, for instance, or use applications that are permanently logged in. We recommend removing your phone as a multi-factor authentication device if you haven't turned off message previews as recommended above, if you have an easy-to-guess password, or if your cell phone line isn't frozen yet. Ronnie Manning, chief brand advocate for security key maker Yubico, separately recommends making a list of your most sensitive accounts, such as Google or Facebook accounts that you use to log in to other accounts, and then revoke your device from those accounts if it's stolen. You can usually find these settings under names like 'Account Access' or 'Security.' 4. Erase the device. With the Find My feature enabled before loss or theft, both Apple and Google will allow you to wipe data such as apps and photos from your stolen or lost phone while still being able to track it. Note that you should only wipe the device's data using the Find My feature, not fully remove the device from your Apple or Google account — that would allow the thief to set it up as new. Now, it's time to get a new phone or laptop. Luckily, we have some recommendations. This article was edited by Caitlin McGarry and Jason Chen.
CNET
3 days ago
- General
- CNET
Hallmark Plus and Starz in a Bundle? The Prime Video Add-On Subscription Exists
899 We and ourpartners store and access personal data, like browsing data or unique identifiers, on your device. Selecting I Accept enables tracking technologies to support the purposes shown under we and our partners process data to provide. Selecting Reject All or withdrawing your consent will disable them. If trackers are disabled, some content and ads you see may not be as relevant to you. You can resurface this menu to change your choices or withdraw consent at any time by clicking the Manage Preferences link on the bottom of the webpage [or the floating icon on the bottom-left of the webpage, if applicable]. Your choices will have effect within our Website. For more details, refer to our Privacy Policy. Our Privacy Policy
Yahoo
4 days ago
- Business
- Yahoo
‘Unsafe and risky': Singapore orders end to IC number use as authentication in private sector
SINGAPORE, June 26 – Singapore's Ministry of Digital Development and Information (MDDI) has reportedly urged private sector entities to stop using National Registration Identity Card (NRIC) numbers as authentication tools or passwords due to security risks. In a formal advisory issued today, the Personal Data Protection Commission (PDPC) and the Cyber Security Agency (CSA) advised organisations to cease using NRIC numbers to verify an individual's identity when granting access to personal services or information. 'While organisations may use NRIC numbers to identify who a person is over the phone or when using digital services, NRIC numbers should not be used to prove that a person is who he claims to be ... for the purposes of trying to gain access to services or information meant only for that person,' MDDI said as quoted by CNA. The ministry highlighted that some organisations still require individuals to use NRIC numbers, sometimes as passwords, to access personal documents such as insurance files. 'It is unsafe for organisations to use NRIC numbers in this manner because a person's NRIC number may be known to others, permitting anyone who knows his NRIC number to impersonate him and easily access his personal data or record,' the ministry said. MDDI called on organisations to stop using full or partial NRIC numbers for authentication, including setting them as default passwords or combining them with other easily obtainable data like birth dates. 'If it is necessary to authenticate a person, organisations should consider alternative methods, for example requiring the person to use strong passwords, security token or fingerprint identification,' it added. The government is working with key sectors such as finance, healthcare, and telecommunications to develop tailored guidelines on identity authentication practices. This comes as Singapore's Minister for Digital Development and Information Josephine Teo said in January that firms using NRIC numbers as authentication or default passwords must end the practice swiftly. The policy shift came after public backlash in December 2024 over a new Bizfile portal launched by the Accounting and Corporate Regulatory Authority (ACRA), which had exposed names and full NRIC numbers through its search function.
Malay Mail
4 days ago
- Business
- Malay Mail
‘Unsafe and risky': Singapore orders end to IC number use as authentication in private sector
SINGAPORE, June 26 – Singapore's Ministry of Digital Development and Information (MDDI) has reportedly urged private sector entities to stop using National Registration Identity Card (NRIC) numbers as authentication tools or passwords due to security risks. In a formal advisory issued today, the Personal Data Protection Commission (PDPC) and the Cyber Security Agency (CSA) advised organisations to cease using NRIC numbers to verify an individual's identity when granting access to personal services or information. 'While organisations may use NRIC numbers to identify who a person is over the phone or when using digital services, NRIC numbers should not be used to prove that a person is who he claims to be ... for the purposes of trying to gain access to services or information meant only for that person,' MDDI said as quoted by CNA. The ministry highlighted that some organisations still require individuals to use NRIC numbers, sometimes as passwords, to access personal documents such as insurance files. 'It is unsafe for organisations to use NRIC numbers in this manner because a person's NRIC number may be known to others, permitting anyone who knows his NRIC number to impersonate him and easily access his personal data or record,' the ministry said. MDDI called on organisations to stop using full or partial NRIC numbers for authentication, including setting them as default passwords or combining them with other easily obtainable data like birth dates. 'If it is necessary to authenticate a person, organisations should consider alternative methods, for example requiring the person to use strong passwords, security token or fingerprint identification,' it added. The government is working with key sectors such as finance, healthcare, and telecommunications to develop tailored guidelines on identity authentication practices. This comes as Singapore's Minister for Digital Development and Information Josephine Teo said in January that firms using NRIC numbers as authentication or default passwords must end the practice swiftly. The policy shift came after public backlash in December 2024 over a new Bizfile portal launched by the Accounting and Corporate Regulatory Authority (ACRA), which had exposed names and full NRIC numbers through its search function.
BreakingNews.ie
19-06-2025
- Business
- BreakingNews.ie
Quarter of adults pay little or no attention to how their data is used, survey finds
A quarter of Irish adults pay little or no attention to how their personal data is used by organisations, according to a survey. Fewer than one in five people said they pay close attention to how their data is used, with just 7 per cent of 18–24s saying they pay serious attention to the use of their data. Advertisement The State's data protection watchdog published its first public attitudes survey on Thursday as it launched its annual report. The online survey of 1,034 adults was carried out by FleishmanHillard and Empathy Research in May. It indicated that there was a 'significant level of concern' about how children's personal data is being shared and used online, with 77 per cent of respondents reporting being quite/very concerned. The second highest concern was over personal data being used to create a digital profile of you, which is shared with, traded or sold to others (76 per cent). Advertisement A further 61 per cent said they were quite or very concerned about the use of artificial intelligence (AI) and how it is applied. There was a slightly lower level of concern about social media and tech companies creating profiles to personalise content, and personal data being used for targeted ads (59 per cent and 58 per cent respectively). Fewer than one in five people reported paying close attention to how their personal data is used by organisations, with around a quarter admitting to hardly any or no attention at all. 'Most people occupy a middle ground of passive awareness, and levels of engagement vary by region and social class,' the research said. Advertisement 'This suggests that, despite growing concerns over data privacy, public attention to data use by organisations remains shallow, highlighting the need for greater education and engagement efforts.' Almost three in four adults said it was either quite or very important that organisations comply with data protection requirements, even if this causes a slight delay in releasing the product or service. Just under half of respondents said they were either very or quite knowledgeable on data protection. The Data Protection Commission's annual report for 2024 showed an 11 per cent increase in data breaches last year. Advertisement Of notified data breaches, half were due to correspondence being sent to the wrong recipient. The Data Protection Commission said among the issues featuring 'prominently' was correspondence sent to incorrect recipients because of poor operational practices and human error – for example, the wrong document in an envelope addressed to an unrelated third party. The DPC said it received 7,781 valid data breaches in 2024, of which 7,346 were General Data Protection Regulation (GDPR) notifications. The GDPR total was made up of 3,958 reports about the private sector, 3,137 about the public sector, and 251 from the voluntary and charity sector. Advertisement GDPR, a major part of the EU's data protection and privacy laws, regulates how people's personal data is used, stored and transferred. Ireland Data Protection Commission asked for extra €4m in... Read More Public sector bodies and banks accounted for the 'top 10' organisations with the highest number of breach notifications, while insurance and telecom companies featured prominently in the top 20. Dr Des Hogan, chairman of the Data Protection Commission, said: 'The protection of our personal data is more important than ever as our daily transactions now routinely occur through technologies. 'The DPC's wide range of activities during the last year points to how fair, consistent regulation can lead to individuals across Europe trusting that their personal data is being used in a lawful and safe manner and that they have control over their data.'
