Have Your Passwords Been Stolen By Hackers?

Hacker types in stolen password.

Written by: Jay H.

A user recently posted an astonishing 3.2 billion usernames and passwords on an online public forum. This breach is a compilation of other data breaches from sites such as Netflix, Linkedin, Bitcoin, and more. The good news is that this data is not new – in fact, some of the information dates back ten years. However, this massive aggregation demonstrates the importance of proper password practices, lest one data breach exposes all of your accounts.

How Can A Data Breach Impact Me?

Being exposed in a data breach can have some severe consequences. For instance, if hackers gain access to credentials you reuse on multiple sites, they can access all of your linked accounts. This is especially problematic if you recycle passwords across your banking, email, or other sensitive accounts and don’t have multi-factor authentication enabled.

Furthermore, attackers can use your information to commit identity theft or other crimes. Many websites ask for your personal details such as full name, address, and credit card number. If hackers steal this information, they could use your credit card or use your information fraudulently.

Phishing attacks are another cybercrime hackers commit with stolen information, in which criminals lure unsuspecting victims into giving information like credit card details through a scam. Sometimes, threat actors even extort their victims using the stolen sensitive information.

How To Check For Your Stolen Passwords

The easiest way to check for your leaked passwords is with the Have I Been Pwned searchable breach compilation website. Created by Troy Hunt, a Microsoft regional director, this website allows you to enter your email address or username. Then, within seconds, details of any data breaches you’ve been involved in will appear.

Secure Everything

So, you enter your email and find out your accounts have been leaked. What do you do about this? There are some steps you can take to mitigate your risk:

  1. Change the passwords on all of your leaked accounts: This is the obvious first step. If you don’t change your stolen passwords on breached accounts, you’re essentially a sitting duck. And if you’re one of more than three-quarters of people who reuse their passwords on multiple accounts, you’re at even more risk.
  2. Make all of your passwords strong and unique: Making your passwords strong will prevent brute-forcing (hackers submitting many passwords in the hope one will work), and making them unique will protect your other accounts if a password gets leaked.
  3. Enable multi-factor authentication (MFA): MFA adds an extra layer of security to your accounts. So, even if hackers have your username and password, they cannot access your account without verifying through MFA.
  4. Use a password manager: A password manager lets you create strong and unique passwords without the trouble of remembering them for each site. We strongly recommend you use one.

Protected by Copyscape


Comments are closed.