Sunday, November 24, 2024

It never ends! What to do after a data breach

0
It never ends! What to do after a data breach


Ticketmaster, Advance Auto Parts, Santander Bank, ATT, Bank of America, file transfer service MOVEit, Trello and Discord. Those are just some of the major companies targeted in data breaches so far this year.

I’m giving away a $1,000 gift card to your favorite airline. 

Try my free tech newsletter to enter! 

It’s easy to ignore news of a data breach, I know. There are just so many that it all turns into white noise. The Change Healthcare hack alone exposed one-third of Americans. That’s either you or someone you love dearly.

So, what do you do if your data is exposed? Your No. 1 goal is to protect yourself from future scams. 

OWN A HOME? SHOPPING OR SELLING? YOU’RE A SCAM TARGET

Do these things right away

Make a list of your data that was exposed.

Keep a document, Post-it, a note on your phone or whatever works for you. Be suspicious of anyone who references it in an email or phone call to prove they’re legit. Say your home address was leaked and someone contacts you about an issue with your mortgage. Yep, it’s probably a scam.

Watch your money. 

Update your PIN and banking login credentials. Even if they weren’t involved directly in the breach, hackers can use your personal info to access it. Keep an eye on your bank and credit card statements.

Freeze your credit. 

This will keep scammers from opening a credit card or loan in your name. Like setting up a fraud alert, you’ll need to contact each of the three credit bureaus. It takes a little work, but it’s a solid defense against criminals trying to ruin your financial future.

While data breach news is easy to ignore, the long-term consequences of these breaches on everyday Americans are anything but. (Jakub Porzycki/NurPhoto via Getty Images)

Crooks love to play the long game

They’ll wait until your guard is down and target you months after the initial breach. 

This is part of the reason so many people fall for phishing scams. The crooks are going into text, call and email exchanges with a lot of ammo.

  • Be wary of any email requests. Even if a request is legit, it’s OK to take your time to figure it out. If it’s the first you’re hearing of something (like wiring your boss a bunch of money), it’s not urgent. Better safe than sorry.
  • Watch out for healthcare-related requests. If you receive an explanation of benefits (EOB) or a bill for services you didn’t receive, contact your healthcare provider and insurance company right away. Someone else may have gotten those services using your name.
  • If you get an out-of-the-blue message from an old friend, be extremely cautious. Hackers love to use your info to pose as friends or family. These often start with an innocent-seeming text. Ignore texts from strangers who pretend to have the wrong number and want to chat, too.

10 VOICE SCAMS TO WATCH OUT FOR – AND YOUR QUICK ACTION PLAN

What about when passwords are revealed?

On July 4, Hackers posted a file named RockYou2024.txt to a dark web forum. The file includes a mind-numbing 9,948,575,739 passwords. And there’s a very good chance it puts you at risk. The RockYou2024 leak is made up of passwords from both old and new data breaches.

It’s one thing when criminals have your name, phone number and financial details. Having access to your passwords is a whole different ball game.

The tactic is called credential stuffing

This is when crooks take your leaked passwords and try to break into as many services, sites, accounts and apps as they can. They’re hoping you got lazy at least once and reused that password somewhere else.

A hacker software is open on a laptop

Hackers can take your leaked passwords and try to use them to brute-force their way into as many of your accounts as they can. (Photo by Silas Stein/picture alliance via Getty Images)

Any system that isn’t protected against brute-force attacks is at risk, and this goes beyond smartphones and computers. Even internet-connected cameras and industrial equipment are on the hackable list.

What are your next steps?

Visit Cybernews’ Leaked Password Checker to see if your passwords were exposed. HaveIBeenPwned is another option. Enter your email address into either one, and I’ll bet you’ll find yourself on the list.

Now the hard part: Reset the passwords for every single account associated with those leaked passwords. 

20 TECH TRICKS TO MAKE LIFE BETTER, SAFER OR EASIER

Your browser can help

Your browser’s password manager can alert you if your passwords have been involved in a breach. Here’s how to view or enable this feature in three popular browsers:

  • Google Chrome: Password alerts are enabled by default. If you think you might’ve missed one, head to Google’s Password Manager and run a Password Checkup.
  • Microsoft Edge: You’ll need to turn on Edge’s Password Monitor. To do this, go to Settings and more (the three-dot menu at the top right of your browser window) > Settings > Profiles > Passwords. Then, toggle on the switch for Show alerts when passwords are found in an online leak.
  • Apple Safari: Password monitoring is on by default for browsers running on MacOS 14 or iOS 14 and later. To check for alerts on your iPhone or Mac, and to update any compromised passwords, go to Settings > Passwords > Security Recommendations > Change Password on Website.
Gmail app logo

Browser-based password managers are an easy way of monitoring your potential involvement in data breaches. (Photo illustration by Chesnot/Getty Images)

Oh, and this is important to remember: Any random two-factor authentication (2FA) codes you receive via email or text that you didn’t ask for could mean someone is trying to access your accounts.

Share this tip with someone you care about. Protecting others from scams starts with knowledge.

CLICK HERE TO GET THE FOX NEWS APP

Get tech-smarter on your schedule

Award-winning host Kim Komando is your secret weapon for navigating tech.

Copyright 2024, WestStar Multimedia Entertainment. All rights reserved.

Leave a Reply

Your email address will not be published. Required fields are marked *