There seems to be an endless number of data leaks occurring every year and it is not uncommon for your information to be freely available for sale on the dark web. Learn how to check if your personal information or password has been compromised.
The password managers from Apple and Google offer the possibility to check from time to time whether your accounts are listed in known leaks, based on logins and passwords saved in iOS / Safari and Android / Chrome respectively.
Even so, not all users use this feature, they just ignore it or just save the account information in the cloud. That’s where Have i been pwned come inside.
The website compares publicly leaked databases of over 11 billion accounts at the time of publication with a user-supplied email address or phone number.
How to check if your personal information has been leaked
- Go to haveibeenpwned.com.
- In the text box, enter an email address or phone number that follows the international format (with the country code and country code).
- Press the pnwed? Button.
If your data has not been compromised in any way, the website will say “Good news – no Pwnage found!” Displayed.
However, if your credentials were found in a leaked database, the message that appears is “Oh no – pwned!” followed by a list of known leaks in the form of “Pwned in” [number of] Data breach and found [number of] Pastes.
The list of leaked databases indicates what type of information is included – email, password, physical address, IP addresses, date of birth and phone number for example – and a brief summary of how the data was obtained and leaked.
What to do if you are a victim of a data breach?
Based on the results shown in Have I Been Pwned, the first thing you need to do is remove repeated passwords that have been used on numerous websites. While almost everyone is to blame, it is highly recommended that you use unique and difficult-to-guess combinations.
Once you’ve taken the required steps, always double-check that payment information has been saved, including your debit or credit card numbers. Also, check with your credit card company or the issuing bank to see if any unusual transactions have occurred recently. If so, what recommended remedial action can be taken?
Other than that, there is very little you can do since your data is already publicly available. Another security measure you can take is to change the answers in your password recovery systems based on your leaked data, such as: B. “What city were you born in?” This is a tedious process, but a necessary evil.
This will prevent you from falling for new password leaks
The only way to ensure that your password has not been leaked is to not create any user accounts or registrations at all. Even deleting as much personal information as possible from current services does not guarantee anything, as some leaks contain data that organizations should have removed.
To minimize the potential consequences of future leaks, we continue to repeat the often repeated advice to use unique and difficult-to-guess passwords. With password suggestion tools built into Chrome and Safari (including Edge and Firefox), you can avoid simple combinations like “123456” and synchronize passwords on multiple connected devices.
Oh, and please enable two-factor authentication whenever possible.
Data from 500 million Facebook accounts has been leaked
In April 2021, information about more than half a billion Facebook logins was disseminated on the Internet. According to the social network itself, this data was not obtained from hacked systems, but from a tool that scanned the platform and exploited any loose ends and gaps.
The company claims to have closed access to the feature used in September 2019 and recommends using the privacy review tool available on the social network.
Information leaked includes names, gender, date of birth, location, relationships, and work status, which is usually associated with phone numbers and in some cases email addresses.
As if the leak wasn’t devastating enough, a new cleaning tool was released two weeks later that reveals how to get emails associated with user accounts. Belgian website at the same time DataNews saw an internal Facebook email instructing PR teams to attribute this data breach to a “broad industry problem” in order to downplay the previous snafu.
Despite attempts to manipulate public opinion, the fact remains that other services, including LinkedIn and Clubhouse, experienced major data leaks in the same month. Unfortunately, this will not be the last time that personal data will be freely circulated, even if the necessary security mechanisms are in place or the data protection of your country is not guaranteed.