A data breach in 2018 compromised about 668 million user accounts, and an astounding 1.578 billion accounts were hacked in 2017. One of the most recent violations was BlankMediaGames, the creators of the popular game Town of Salem. As a result of this hack alone, more than 7.6 million accounts were compromised.
When the website you log on to is hacked, your information can – and likely will – be stored, sold, or leaked. If you use the same email and password on this website as others, hackers can easily access your information. This is why so many security experts recommend using different passwords for each site you join.
The key to protection is awareness. If you know your account has been compromised, you can take steps to protect other accounts. Here’s how.
Take advantage of HaveIBeenPwned.com
There are other articles on the net like this one, but many of them are out of date. Specifically, Forbes has one that lists multiple websites, but upon testing, we found that their security certificates had expired or they were throwing a 403 Forbidden error. Even if you could make them work, is it worth the risk?
One site has proven itself over and over again: HaveIBeenPwned.com The website checks email addresses against a abuse database and tells you if your email address has been disseminated as a result of one of a variety of violations. HaveIBeenPwned also lists the most recent as well as the biggest violations.
How to use HaveIBeenPwned.com
Take a look at the image above. To find out if an account has been compromised, there is one step: just type in the search box and click “pwned?” button. (If you’re wondering, pwned is a misspelling of the word “belongs”, an insult over the Internet in the late 1990s / early 2000s.)
This is what happens when we check the address:
I knew the account had been hacked a while ago due to a major WordPress hack and steps were taken to protect it. If your email address has been hacked due to multiple hacks (such as the one below), you can review the lists and find out which ones are the most dangerous.
If you use the same email address on multiple websites, make sure they each have a different password.
Below the notification, you will see an explanation of when and where the account was hacked, as well as steps to improve the security of your account. It will also tell you if the violation was related to emails, passwords, names, location, etc.
Domain and Address Monitor
If you own a specific web domain, you can set up automatic alerts if accounts in the domain are ever compromised. HaveIBeenPwned requires proof of ownership and several other layers of security before you can receive these notifications, which reduces the risk of someone gathering information it wasn’t intended to.
You can also enter your email address and receive notifications of serious violations.
Create a strong password
It is tedious to use different passwords for each website, but that pales in comparison to the headache you will experience if your identity is stolen or other sensitive information is leaked. A strong password must contain the following key elements:
- Password must be at least 12 characters, but preferably more.
- Password must be composed of upper and lower case letters, numbers and symbols.
- The password should not be similar to your email address.
- Password should not be an ordinary word or phrase.
While there is no 100% guarantee that an account is secure, no matter how many protections you use, you can reduce the risk of a hacker gaining access by using strong, separate passwords on every website you browse, and by tracking down data leaks that could make a difference. you.