Sometimes you may not even know your password has been breached. It has become increasingly common for companies to have the customer information to be leaked to the Dark Web.
Fortunately, there is an extremely secure website that will inform you if your email or password is available for hackers online and the source that exposed it. The site is called “have i been pwned?” and you can use it to check on your email and password, at https://haveibeenpwned.com.
Here are three simple tips to keeping your passwords safe:
- Use 2-Factor Authorization When Possible. Many sites can link with your cell phone and require you to enter a code before logins can be finalized. This makes it very difficult for someone that has your password to even log in because you need to authorize that location. This is a relatively new and advanced way to protect yourself.
- Do not use the same password on multiple sites. Many people use the same password because it is easier to remember. The problem is if there is one breach on one site then you are extremely vulnerable on all sites.
- Use a password manager like LastPass to manage your passwords. That way you won’t have the excuse of keeping track of all those separate passwords! If Lastpass you would have a master password which to would sign into the program with and then the rest would be protected within its encryption process.
If you have used any of the following systems there is a good chance your password has been breached:
Fortnite
January 16, 2019:
There was a flaw in the video game Fortnite which exposed players to being hacked.This issue was discovered by to the security firm Check Point. This exploit can allow some to take over a player’s account, view their personal information, purchase in-game currency, and read private messages. Fortnite has 200 million users worldwide.
BlackRock Inc.
January 22, 2019:
As many as 20,000 of the company’s financial advisors had their information leaked. BlackRock is one of the world’s largest asset manager. The company posted confidential sales documents related to advisers who work with BlackRock’s iShares unit. Names, emails, and assets managed by each adviser were exposed.
Dunkin’ Donuts
February 12, 2019:
Dunkin’ Donuts announced a data breach which affected DD Perks rewards members. This is the second time this issue occurred in three months. Hackers used credential stuffing attacks to gain access to customer accounts which was later sold on the Dark Web.
March 21, 2019:
Facebook has admitted that since 2012 it has not properly secured the passwords. The number of users affected is upwards of 600 million users. Customer passwords were stored in plain text and were accessible to more than 20,000 of the company’s employees.
Microsoft Email Services
April 15, 2019:
Microsoft admitted a data breach of its non-corporate email services which included @msn.com, @hotmail.com, and @outlook.com. This beach which lasted from January 1 to March 28, 2019. It allowed hackers to access email accounts by misusing Microsoft’s customer support portal.
May 14, 2019:
Facebook has faced another data privacy scandal after a WhatsApp data breach. The messaging app has over 1.5 billion users worldwide. The security flaw left people vulnerable to spyware designed by the Israeli government surveillance agency, NSO Group. Those affected would have been able to have their phone’s microphone and the camera turned on without permission. WhatsApp messages and apps associated with it were affected.
May 20, 2019:
More than 49 million Instagram users and companies had their private contact information exposed. An India-based social media marketing company left this data unprotected on an Amazon Web Services database. TechCrunch reported that the bio, profile photo, location, verification status, email address and phone number of high-profile accounts were exposed.
Quest Diagnostics
June 3, 2019:
Nearly 12 million patients were exposed in this Quest Diagnostics data breach. Hackers took control of the payments page of one of Quest’s billing collections vendors AMCA. This breach happened between August 2018 and March 2019. Social Security numbers, health information, and financial account data were likely stolen.
Sprint
July 18, 2019:
Many Sprint customer accounts were hacked through Samsung.com’s “add a line” website. The exact number of customer affected is unknown. The information exposed includes names, billing addresses, phone numbers, device types, device IDs, monthly recurring charges, subscriber IDs, account numbers, account creation dates, upgrade eligibility, and add-on services.
If you are concerned about protecting your personal information and are concerned if your password has been breached, give Rush Tech Support a call at 844-880-7874. Countless times we’ve assisted our customers with navigating the ever-changing security landscape.
