Were you one of the "lucky ones" to have an on-line account compromised?
Updated: Feb 11
You did? Join the rest of us.
The first thing you did was to change your password, correct? Changed the login password for your email address and for the service which was affected by the breach.
Hopefully you said Yes.
When a company gets hacked and your email is compromised it’s a sad reality. Thousands of websites are hacked and our data they hold gets compromised. These have nothing to do with you, the user, being irresponsible. Companies can suffer embarrassing data breaches - either through having their servers hacked, human error, or staff misconduct.
To safely check if your details have been compromised, in the event you are not sure, check at the two below sites. These tools are not an active monitoring solution, but it’s useful to see where your email account details have been previously compromised.
https://haveibeenpwned.com/ (This is not an endorsement to use 1Password.com ... just a place for you to check your accounts)
https://sec.hpi.de/ilc/ A similar tool, this one is from Germany’s Hasso Plattner Institute. If the entered email is associated with any kind of data breach, you’ll receive an emailed report to that address to let you know.
If your email account details have been included in a data hack it is more important than ever to watch out for spam and junk messages. Clicking on links within spam emails, or responding to messages, is a risk ... you may expose more of your personal information, or inadvertently install a virus on your computer. Which is a whole other topic.
We’ve been on the internet for almost 35 years, yet we still haven’t learned our lesson about passwords.
1. Regularly change your password. It’s a safety net. MAKE YOUR PASSWORD LONG – make it a nonsense phrase and randomly mix up symbols and numbers with the letters.
2. Avoid Letting Your Computer Remember Passwords. Having complex passwords for your accounts do no good if the malicious party just needs access to your computer to gain entry to every one of your accounts.
3. Use Two-Factor Authentication (2FA). Two-factor authentication is like a security blanket, an extra layer to help deter a hacker from gaining access to your account, even if your password is compromised. The idea is to test your identity based on something you know (your password) and something you have (your phone or email address) to receive another authentication ID to enter when access is required. You are adding an additional layer of security to your accounts.
* Editorial note: Our topics provide educational information for you. Our goal is to increase awareness about cyber safety.
Marilyn K Souse
Senior Cyber Security Engineer