Between 2013 and 2016, Yahoo was targeted by Russian cybercriminals to obtain private user information. This included names, email addresses, phone numbers, passwords and answers to security questions. Three billionusers were affected, making it the worst data breach in history.
Data breaches are common, and nearly everyone has been affected by at least one (and probably several) at some point or another. Thankfully, you now have ways to know if you were part of a data breach without needing to scour the news for reported incidents.
Good privacy habits can help mitigate the effects of a data breach. There are also steps you can take if you learn your personal data may have been compromised. Read on to learn how to best protect yourself against data breaches — and what to do if you’re the victim of one.
How do you know if you’ve been affected by a data breach?
If your information was stolen in a data breach, you could start seeing things like fake antivirus alerts from unauthorized people who can access your computer. You might even get threatening emails or be the target of phishing attacks.
Hopefully, these aren’t how you discover you’re a victim of a data breach. There are easier ways.
Many major browsers automatically store your email and other personal information, letting you log in to all your internet accounts and fill out forms faster. Since your browser keeps your credentials, it can also detect what sites you visit and when this data could have been stolen in a breach. Google Chrome, for example, will notify you in your security settings if your information could have been stolen in a data breach.
There are also websites that track data breaches. Have I Been Pwned is a well-known example.
How to minimize the potential damage caused by a data breach
There are a few easy ways to help protect information such as usernames and passwords:
Use unique passwords for different accounts
If your password was stolen on one site, then all accounts that share that password are also compromised. This means you’ll have to go to all of those services and change every password. You can save yourself a lot of time and effort doing this by not sharing passwords across accounts.
Use a password manager
Following the previous point, it’s not easy to keep track of all your passwords when they’re all different. A password manager securely stores all of them behind one master password. Password managers are a wise investment if you want to prevent your credentials from getting out.
Use fake answers for security questions
A question like, “What was the name of the city you were born in?” is not particularly secure if you use the real answer, as such information can easily be found.
What to do if your credentials might have been compromised
First, change your password(s). Afterward, be vigilant for suspicious activity. Pay special attention to:
- Any strange financial activity, including bank accounts and credit card statements.
- Unauthorized actions on websites you frequent.
- An increase in phishing scams targeting you.
If you notice anything off, it could be a sign that someone’s using your data. What you need to do depends on what information was stolen and what it’s being used for. It could be wise to set up alerts for unusual banking activity, or you may need to freeze your credit. Setting up fraud alerts on the three major credit bureaus may also be a good idea.
In short, pay attention and perform due diligence for anything that seems unusual. This is the best way to prevent stolen information from being used against you.
At Total Defense, we know internet security inside and out. For more tips on staying safe online, follow our blog.