How to check if your accounts have been hacked
Over the last couple of weeks we’ve started to see more and more companies report that they have been hacked by someone who has gone on to steal hundreds of thousands, maybe even millions of peoples personal information. In December of last year a viral botnet was discovered stealing the info of over 2 million accounts ranging from Google to Facebook to Yahoo. And in October 2013 Adobe initially revealed that 2.9 million customers has had their sensitive and personal data stolen in a security breach which included peoples credit card details. They then admitted a 3.8GB file was stolen which contained a whopping 152 million usernames, reversibly encrypted passwords and unencrypted password hints, all of which was posted on online.
The most recent security breaches have come in the forms of Snapchat and Target. On January 1st 2014 Snapchat was hacked which revealed the usernames and phone numbers of over 4.6 million people, which again were posted online, and again on Black Friday in America,Target reported that over 40 million customers credit and debit cards have been compromised. Now this begs the question, what are these companies doing to stop this sort of thing happening again, or more importantly in the first place. Well if you’re Snapchat then apparently not a lot, because a week before the app was hacked an Australian security firm, Gibson Security, has written precisely about the flaw and the developers of Snapchat failed to do anything about it.
Now this will probably leave you wondering if one of your many accounts across the internet has been compromised, but how can you know? Well there are many sites out there that consolidate the publicly available details from all the major hacks and lets your search if your email is among them. Some are very useful, but some have been found to just be email harvesting sites, so be careful what you use. But my favourite is a new site called haveibeenpwned.com, which tells you whether your personal information has been stolen, which site the hack occurred on and whether any of your personal details were compromised, such as your username or password.
At the moment haveibeenpwned only check are few sites which have been hacked, as of now it checks if you have been affected by any of the following hacks:
but most likely in the future when other big companies such suffering these breaches, more sites will be added. As said before Adobe lost the information of over 152 million customer personal date, so that’s one sites you should definitely be looking at. So when you find out one of your accounts has been compromised it’s time to create a new password. And no I don’t mean use your birthday, your pets name, your favourite sports team, your birthplace or just simply the word “password“.
You should try for something no one else is going to figure out by looking through your personal details. The most basic rule is the length of the password, ideally more than 8 characters, with a mixture of upper and lower-case letters, numbers and special characters. So create a complex password, but so complex you’ll forget it. Another handy tip is to use a different password for every site you use then use a password manager program to keep track of them all.
You can never be too careful on the internet, especially with your privacy, so remember to keep that password complex and you might not end up losing all your personal info when the next big security breach happens, and trust me, there’s plenty more to come in the future unless these companies take a stronger approach to security.