Recent news reports detail how a lot of accounts have been released in a database available for download to hackers around the world. While many of those data breaches are old, it is still helpful to review your accounts and change passwords if warranted. We wanted to take a moment to provide you with some steps to check and fix this yourself.
So what is a data breach? Wouldn’t I be notified?
A data breach is when someone gains access to confidential information from a company. This may be protected personal information, passwords, or even financial data. Scary thought! But not all data breaches are equal. Some are notifications that encrypted information is lost. Maybe a laptop was stolen or a thumb drive was lost. But if it has strong encryption, it’s not as worrying as the unencrypted release.
So how do I know?
The best way is to monitor your accounts for use. If you have the option to turn on two-factor authentication, use it. A password is only part of the access with two-factor authentication. The other key is a code that may be texted to you or reside on your phone in a special application.
Another good option is to check your email address against a known database. One that we recommend is https://sec.hpi.de/ilc/ where researchers provide information on various data breaches in one location. When you type in your email address, they check the database and then report whether your email is part of a compromised data set. They provide good information about how many times your information has been released and by who.
If your information is part of a breach, change your passwords. Some of the information may be from older breaches, but better safe than sorry. Also, do not use the same password for sites. This is so important! Data online is never 100% secure. By using different passwords, you limit the amount of information that people can access should one site be hacked.
Need help remembering all those passwords? There are many password helpers out there for you. One that I like is LastPass at https://www.lastpass.com/. They provide a location to save your passwords and even help create new ones. The program will even give you the date of the last password change. No more guessing whether you changed that password or not. It is also more secure than choosing to save my password in your browser. (Which is a bad idea anyway.)