This article originally appeared here on February 16, 2018. The info is still valid so take a moment to revisit the material below!
Unless you are oblivious to the news you have heard about data breaches.Some of the more notorious ones have been Equifax, Yahoo, Dropbox, Target and Anthem Health Care. These are just a few of the many breaches that have occurred.
So what exactly is a data breach? According to Wikipedia, A data breach is the intentional or unintentional release of secure or private/confidential information to an untrusted environment.
Just to give you an idea of the scope of the problem, you can look at a list of data breaches here: https://en.wikipedia.org/wiki/List_of_data_breaches
Kiplinger offers this information relating to email addresses and passwords: Passwords, usernames and e-mail addresses are frequently compromised. But unless the exposure includes personally identifying information in combination with other info (think name and account number, or log-in plus password), you may not even be notified. Still, theft of such data puts you at risk for so-called phishing scams, in which ID thieves try to gain additional info via e-mail or phone. You also might be in trouble if you’ve used the same usernames and passwords on multiple sites.
It’s entirely possible that we all have been the unwitting victims of one of these data breaches, but how can you tell if your data has been exposed?
Here are a couple of steps to take. First, take a look at the list mentioned above to see if you may have been exposed. If you don’t use any of the services listed then you are possibly ok. If you have used one of the listed services, then you need to do a little more investigation.
Head on over to https://haveibeenpwned.com/ and enter your email address. It will check to see if your email address is listed as being pwned, which is a hacker term for being owned. (The urban dictionary can give you more data: https://www.urbandictionary.com/define.php?term=pwned)
If you haven’t been pwned, then great, you’re safe! If you have been pwned then click on the Password tab and start checking passwords that you use. If the password turns up in the database you will be advised to go change it in every site where you use that password (You know that you shouldn’t use a password in more than place, right? No matter, we all do!)
Follow these steps to make an effort to clean things up, and get in the habit of changing your passwords periodically!