2. Data breaches/Password leaks
We have seen quite a few data breaches and password leaks lately. Yahoo was the victim of multiple data breaches over the past year and over 1 billion customer accounts were exposed. This attack is the worst in history so far.
We've seen hacks on fast-food chains like Wendy's, hotels like Hyatt and even voter records.
The strategy here is simple. Hack into a company database with various computer tools, siphon out customer data, which may include user credentials, decrypt the passwords, maybe sell them on the Dark Web for willing buyers.
News of user information leaks and credentials getting hacked and sold are fast becoming issues that all of us have to deal with, one way or another. An online data breach, unfortunately, is now a fact of life.
What you need to do after a data breach:
- Keep an eye on your bank accounts - You should already be frequently checking your bank statements, looking for suspicious activity. It's even more critical when after a massive data breach. If you see anything that seems strange, report it immediately.
- Set up two-factor authentication - Two-factor authentication, also known as two-step verification, means that to log into your account, you need two ways to prove you are who you say you are. It's like the DMV or bank asking for two forms of ID. Click here to learn how to set up two-factor authentication.
- Investigate your email address - Have I Been Pwned is an easy-to-use site with a database of information that hackers and malicious programs have released publicly. It monitors hacker sites and collects new data every five to 10 minutes about the latest hacks and exposures.
- Change your password - Whenever you hear news of a data breach, it's a good idea to change your online account passwords. Read this article to help you create hack-proof passwords.
- Close unused accounts - Here's an easy way to manage all of your online accounts at once.
- Beware of phishing scams - Scammers will try and piggyback on highly-reported data breaches. They will create phishing emails, pretending to be from the affected company, hoping to get victims to click on malicious links that will lead to more problems. Take our phishing IQ test to see if you can spot a fake email.
- Manage passwords - Many people use the same username and password on multiple sites. Bad idea. If you're using the same credentials on multiple sites, change them to make them unique. If you have too many accounts to remember, you could always use a password manager.