You May Have Been Hacked. Legitimately!
The big news this week is a data breach that exposed 2.7 billion email addresses and passwords.
What’s unique about this breach is that it didn’t matter how strong a person’s password was. The data that was found on the Dark Web contained over 773 million unique accounts, logins and passwords. This information was exposed in cleartext, which is raw, plainly readable, unencrypted information.
You’re probably on the list. We were!
So, what should you do? First, take a deep breath and come to terms with the fact that this is the new norm. We all need to be more diligent about our own personal security habits. What worked in the past isn’t going to be very useful moving forward. But there are some things you can do, and we’ve listed some important steps you should take, both for the immediate issue at hand and as regular practice for the future.
At a bare minimum, follow these steps:
- Go to this website and enter the emails you use for logins. Don’t worry, this website is reputable. We use it regularly. It will tell you if your information has been compromised and try to identify which service was compromised.
- Next, go to this page on the same website and enter your most frequently used passwords. The site doesn’t save the passwords, nor does it connect them with an email, so you’re fine.
- If you show up in any of these lists, immediately change your password.
- Pay for an account with 1Password. This great service manages your passwords, generates secure passwords, and will even tell you if your passwords are compromised (with a partnership from the website we had you visit earlier). 1Password can be integrated with your phone and your web browsers so you don’t have to remember all your passwords ever again, allowing you to use really complex passwords. 1Password is one of our Technology Partners, so check them out here.
- Enable two-factor authentication (2FA) on every service that has it. What is 2FA? When you enable it, say, on Dropbox, you supply the service with your mobile number. The next time you log on to Dropbox, you’ll have to enter a code that they send to you by text message. Is it a pain? Yeah, kinda. But it’s extremely secure and almost every service has it now. You know what’s more of a pain? Having all your data stolen. Turn on 2FA and learn to live with it. This is our reality.
If this feels overwhelming, we understand and we want to help. If any of these steps sound too complicated or you are an aural learner, please get in touch with us and schedule a call. We’ll be more than happy to walk you through these steps so that you have a little more peace of mind.
Fun Fact: Out of the 2 billion plus records that were hacked, there were only 21 million unique passwords. That means tons and tons of people were all using the SAME passwords. This is as good a reason as any to let 1Password generate your passwords, because humans are truly bad at being unique.