Data breaches are now daily occurrences and can happen to any business. The April 2021 leak of 533 million Facebook records was one of the largest known data leaks, but even if you weren’t affected by that one, you may still be at risk.
There is no easy way to know if your information has been leaked. When a business is hacked, it typically sends a notification letting you know, but this isn’t guaranteed. And you can’t go in and check the Dark Web. It is difficult to find and dangerous to access, and that is why the bad guys like it.
It’s a good idea to navigate to https://haveibeenpwned.com to see if your email address or phone number is on any data breach files. This isn’t conclusive, but it can help.
Even, if you’re not sure if you’ve been a victim of a data leak, you’ll want to take action.
There are several smart strategies to follow immediately.
#1 Limit your social sharing
It is simple to share on social media – that is part of the fun. You share the pictures of your wedding day or anniversary, or your new house with its address. You’re filling in family and friends in your life, right?
Well, if you are using any of that information to create access credentials, you are sharing too much. Someone with a beloved cat called “Petunia” in every photo who uses the feline’s name as a password gives hackers an edge.
You might think you are sharing harmless information, but those birthday party photos posted on the big day are a clue to your identity that hackers can exploit.
#2 Use Unique Passwords
Would you believe people still use “12345678” and “password” as their passwords? If you are one of them, stop now. We’ve said it before, and we’ll say it again and again: use unique passwords for every one of your accounts. Yes, it is more to remember, but it helps cut the risk of a data breach at one site snowballing to disastrous consequences for you.
You might use a password keeper such as 1Password or LastPass to manage your many passwords. This is more secure than the password manager offered by your Web browser, although those are better than revising passwords or trying (hopelessly) to memorize them.
#3 Add Two-Factor Authentication (2FA)
Enabling two-factor authentication (2FA) makes it more challenging for the bad actor. Now, they will need to obtain access not only to log in credentials but also to your personal device. However, since phone numbers are often included in a data leak, this isn’t the best solution. If the hacker has your name, address, and birthdate from the Dark Web, they can take over your phone number, too. They call the company and say, “I lost my phone. Can I get another SIM card.” Then, they are the ones to get those verification codes via message, not you.
Better still, use a 2FA app to confirm your identity. Authy or LastPass are good authenticator apps. After you attempt to log in, you will need to enter a time-sensitive code generated by the app to complete access.
Need help securing your social media or other online activity? Our experts can help. Contact us today at 317-497-5500!