Have any of your on-line accounts been compromised in a data “breach” or “paste”? How do you know? How do you find out?
First of all, let’s define the terms. A “breach” is an incident where data is inadvertently exposed in a vulnerable system due to security flaws or weaknesses. A “paste” is information that has been “pasted” to a publicly facing website designed to share the content. These types of sites are favored by hackers and are frequently where the first breach appears. Pastes are often transient, meaning they can appear briefly and then disappear.
You may see your email address appear on breached sites you don’t recall ever signing up with. This can happen when your data is acquired by another service, the service re-brands itself as something else, or someone else signed you up.
Compromised data can include email addresses, usernames, passwords, password hints, phone numbers, dates of birth, credit statuses, and other sensitive information. Some of the largest breaches have occurred in LinkedIn, Adobe, Dropbox, Exactis, and Apollo accounts, among many others.
To find out if you have an account that’s been compromised, start Here at Have I Been Pwned (HIBP), a free service for people to assess risk in relation to their account being caught up in a breach. The site offers more detailed info on breaches and pastes, as well as a list of FAQs.
HIBP also enables you to find out if your account was breached on a particularly “sensitive” (read: Adult) site that you may not want others to know about. A sensitive data breach can only be searched by the verified owner of the email address being searched for, which is done through a verification system with a unique link. There are currently 25 sensitive breaches in the system, which are listed on the HIBP website.
What should you do next? Sign up for KeePass, a free open source password manager, which helps you manage your passwords in a secure way. You can enter all your passwords in one locked database with only one master password to remember or one key file to unlock the whole database. The databases are encrypted using the best and most secure encryption algorithms currently available.
Read more about password safety Here.
If you have any questions, we’re here to help… send us an e-mail or give us a call! PC Therapist
PLEASE pass this on to family and friends.