How You Can Protect Yourself Against Inevitable Data Breaches

Your privacy and security on the internet isn’t just dependent on your own behavior, it also relies on the websites and apps you use being secure. Unfortunately, this is often not the case, and sensitive information regularly leaks online. Here’s how to protect yourself for when it happens to you.

How Do You Know My Data Will Be Breached?

Your private data will leak (and probably has already), whether you’re aware of it or not. Whenever you make an online purchase, log into a website or app, or enter any other information online, you trust the owner of that service to keep it secure. The unfortunate reality is that your trust is probably misplaced.

This is demonstrated by the frequency and sheer number of online data breaches. Many businesses, governments, and other organizations don’t even know that they’ve been hacked and had their data stolen (or if they do, they disclose it later than they should) and continue to operate while their websites provide hackers and scammers with their users’ personal information.

Having your details appear in a data breach has become a simple fact of life (unless you want to try and live completely off-grid). Your passwords, banking details, social security numbers, and even basic information like your name and address can be used to hack your accounts, make fraudulent transactions, or impersonate you. Information that could be used to blackmail you, like private messages, is also targets for hackers.

Protect Your Accounts With Two-Factor Authentication

The first thing you should do to protect yourself is make sure that you have enabled two-factor authentication (2FA) on all of your accounts that support it. This prevents others from gaining access to your account, even if they have the password.

You should pay extra attention to securing your email and mobile phone provider accounts, as these are the contact methods you’ll need to reset your password for other accounts. Emails are also frequently used to sign in to other services, too, which makes them a major weak point in your security if they’re compromised. If you lose access to your email account, you may not be able to recover it, or anything else.

Make sure you have contact methods set up for account recovery. Add your phone number and an email address to your important accounts (banking, online payments, and social media accounts) so that you can receive password reset messages in case someone else gains access to the account and tries to take it over.

Use a Password Manager

You should use a unique password for every online account so that if one leaks, the others are safe. Remembering all of them would be impossible, so use a password manager to keep track of them.

You should also avoid answering those security questions (like “What is your mother’s maiden name”) with real answers and instead use and record nonsensical answers, as all of that information is readily available online.

Pay With Online Payment Services

Rather than handing your credit card number directly to online shops that may not have the best security, use online payment services like Apple Pay, Google Wallet, and PayPal to protect your financial details.

These services have good security (even if the websites that use them for payment may not), and often have added benefits like fraud protection.

If you can’t use one of those services, consider using a virtual credit card instead.

Regularly Check Breach Sites

Have I Been Pwned will tell you if your details have appeared in a known data breach, so it’s worth periodically checking it to see if you need to proactively change any passwords, or check for suspicious activity on your accounts.

Firefox also offers data breach alerts, while Apple lets you check for leaked passwords stored in iCloud.

Keep an Eye on Your Bank Accounts

Some hackers will skim tiny amounts of money (from numerous people for a big payday) to evade detection. You should regularly check your transactions for any unauthorized activity, and report it to your bank. Be aware that some legitimate services will hold or withdraw small amounts to verify that a credit card is legitimate before taking payment, so make sure you don’t mistake these for an illegitimate transaction.

If you do think your payment details have leaked, change your login details and report your credit card as stolen so that you receive a new credit card number.

Make Sure Your Friends, Family, and Colleagues Are Security-Aware

You’re not the only potential source for private information about yourself: your friends and family know enough private information for a scammer to use (for example, by gathering information to answer your security questions).

Make sure those around you are also vigilant about their online security.

Don’t Put Anything Online That You Don’t Want the World To See (Even in DMs)

Anything that you post online, be it public social media posts or private messages, may eventually come to light in a breach. If you are concerned about privacy, use an encrypted messaging service to protect your communications. If you upload sensitive files to the cloud for storage (like pictures of your passport), consider encrypting the image first, so that no one besides you can retrieve it.

Protecting Yourself Online Isn’t a One-Time Thing

You’ll always be a target for cybercrime (everyone is!), but you can make yourself a small target. By staying vigilant, following security best practices, and not over-sharing, you can reduce the useful information available to hackers.

With limited information, and without being able to access all of your accounts by compromising just one of them, cybercriminals won’t be able to get a foot hold in your digital life, reducing the damage they can do, and giving you a chance to take back control.