Data breaches are not a new thing. Software and online companies are rich pickings to hackers and if they can find a way to breach and get that data, they will.
Most people assume data breaches won’t happen to them. Like car accidents, no one expects it until some idiot rear-ends you. Rather than waiting until you get hit, it’s a good idea to be aware and do some checking.
Your data is big business
One of the reasons some people seem to think data breaches and hacks won’t happen to them is because they aren’t a big business, they aren’t the government or any high interest organisation. So who’d bother with them?
Criminals. Criminals would bother with you. Hackers don’t just go after the big targets, and breaches happen in all sorts of places. So stay alert and do what you can to keep your data safe.
I use a monitoring service that informs me if my email addresses and passwords have been leaked. I get a message if there’s a breach and they tell me which program had the breach.
So when one of my passwords was in a data breach recently, I was given a quick heads up. This allowed me to check to make sure there were not pastes.
I then changed my password immediately for that email address.
I use Firefox Monitor, which gives you the option of signing up to receive alerts and also monitors multiple email address.
Have you been breached?
If you want to check your own email address, you can do so quickly with Have I Been Pwned?
This website will allow you to type in your email addresses and will inform you if there’s ever been a breach. You can also check any passwords you use to see if they’ve been exposed.
For those who don’t know, a breach is where data, such as your email, password, name etc may have been inadvertently exposed.
This can happen when a system has insufficient protections, weaknesses in their security or have been hacked.
A paste is the term used when data has been “pasted” into a website where it can be shared publically. Sites like these are used by hackers in order to share personal data.
Protecting your Data
Email is used for everything, almost all sites now need you to log in to access something, even online shops rarely have the “guest” option and need you to create an account.
That’s a lot of online places for your email to be. Not to mention, many now insist on a phone number too.
So, how do you stay safe online? Remember you are at least partly responsible for protecting your own data so take it seriously.
It might be frustrating when we have to choose a password and you are given like a dozen rules to follow
- must have 2 numbers
- must have a capital
- must include a special character
- must be done during a full moon blood ritual
must be at least 100 letters long
But the rules ARE there to help keep you safe. People pick really dumb passwords…you know…like “password” or “iloveyou” or “qwerty”. By the way, these are in the list of worst possible passwords to use, so I hope none of you uses them.
Take your passwords seriously, make it complicated. There are programs out there that can run common words through to check passwords. So if you use a single word like “password” or “welcome” you’re just making it easy.
Who can remember all those complicated passwords?
I understand, but there are ways around that such as using a Password Manager (I’ll be discussing that in another article) or even writing the passwords down in a notepad.
Shockingly, this is actually pretty safe as long as you don’t carry it around with you when you go out! Data breaches are done online, not from people breaking into your home and stealing your password notebook.
This will also stop you using the SAME password on everything. Don’t get me wrong, even I’ve been lazy and used the same (weak!) password multiple times but I shook myself out of that habit and you can too.
Don’t use a single email for everything. Especially as some sign-ups just end up spamming you to death. Create either a temporary email such as GuerrillaMail that uses a disposable email.
Or have a separate email you use for all things sign-up-y. I am often asked to buy things for my mother. Since these places always insist on your signing up and then seem to take forever to delete your account/unsubscribe you – I use a separate email that way I’m not constantly wading through spam.
When I created this account, I also used false data so my real name, birthday etc is not linked to that account.
If you have access to enable multi-factor authentication then go ahead. This can be in the form of receiving a text or email that gives you a unique code for a short time.
This makes it harder for cybercriminals to get into your system.
Firewalls and Antivirus
A good firewall and antivirus program will often catch a questionable website. There are a lot of cloned websites and emails out there that look legit but aren’t.
Make sure your antivirus protection package includes the ability to catch these false websites before you go dropping in your data.
Hope you found this helpful everyone, and if you haven’t already, go check to make sure your emails haven’t been caught in a breach.