Do you ever worry that your email has been part of a data breach? There’s no longer a week that goes by without a cyber attack becoming global news. Would you be surprised to hear that over FIVE MILLION records are lost or stolen each day (H/T Breach Level Index)?
That number is only going to increase as the world becomes more connected by technology. Luckily there’s now a way you can see if you have an account that has been compromised.
How to check if you’ve been part of a cyber attack/data breach
By visiting the website haveibeenpwned.com you can run your email address or commonly used usernames through the site’s database. The massive database has details of over 250 compromised websites which contain nearly five million different accounts. There’s also info on just under 60,000 pastes which have details of over 55 million accounts. The first sign of breaches come in the form of ‘pastes’ online which in a plain text form will disclose accounts that have been affected by a breach of data.
Once you’ve entered your email or username, you will get one of two messages displayed by the site.
If your search entry doesn’t match anything on the site’s database, you will see this message, and you’re all clear!
If your search entry matches with something on the sites’ database, you will see a message telling you which breached websites and pastes your data had been found in.
What to do if my email has been part of a data breach/cyber attack
If you have been part of a data breach what should you do? The first thing you need to do is see what sites the information has been breached from. If you scroll down on HaveIBeenPwned, it will give you the information of sites and pastes than affected you. Here’s an example below;
It’s important not to panic if you have been breached but instead think of logical steps you can take. The website will tell you what information was collected in the breach such as email addresses, passwords and browsing activity etc.
Look at each site that’s listed and do the following;
- Update your password on that website straight away.
- If you no longer use the website listed (you may be surprised how many accounts you have!) deactivate that account completely.
How else can I protect my accounts?
You can never be 100% protected. In fact, in most breaches, the users aren’t at fault. Companies don’t protect their data correctly leaving your information at risk. There are some precautionary steps you can take to protect your data though.
It goes without saying you should have a secure password for all you’re accounts. You should never use the same password twice. To help with this, we recommend using an online password manager such as LastPass.
For more information make sure you check out our guide on How to create the perfect password.
Two-Factor Authentication (2FA)
Most websites now give you the option to enable two-factor authentication (2FA). 2FA puts another layer of protection on your accounts. If you go to log into an account on a new or untrusted device, you will be prompted to enter a code sent to a trusted secondary device (usually your mobile). If your login information falls into the wrong hands, 2FA will stop them from getting into your accounts.
It’s more important than ever to protect your accounts. It’s also equally important to check if any of your accounts have been compromised. Set a regular reminder to check the HaveIBeenPwned website to check for the latest data breaches and online pastes.