A single data breach of a computer network belonging to anything from a hotel chain to a restaurant or any number of otherwise run-of-the-mill businesses can spawn a host of negative consequences — putting, for example, a massive amount of customer data at risk and opening up those customers to fraud and other nefarious actions as a result.
In recent days, we’ve covered the aftermath of a series of data breaches that produced a shockingly large pile of user credentials which were published on the Internet in recent weeks. This particular data set, which has been called the Compilation of Many Breaches (or, COMB), included some 3.2 billion email-and-password combinations. They weren’t stolen as a result of a new data breach — rather, these were published in the aggregate following multiple previous data breaches. Bottom line, though: There’s a pretty good chance that some of your account credentials at this point are floating around somewhere on the Internet. And if you don’t want to become the latest victim of cyber crime, you need to take some of these steps immediately if you haven’t already.
In no particular order:
- For starters, turn on 2-factor authentication for your accounts that have this option, if you haven’t done so yet. This way, if someone does manage to obtain the password to that account and tries to reset it, you’ll get a notification first — meaning, you’d have to allow the password change for it to happen.
- Change your password right now, and do it regularly going forward. Too many people don’t change their passwords often enough, and the longer you keep it the same, the greater the chance that it can be stolen.
- Use a reliable password manager service to protect your accounts, which will also keep you from forcing yourself to use simple passwords that are easy to remember — and, even worse, that you re-use across accounts, which is one of the worst cybersecurity mistakes you can make.
- Check sites like Have I Been Pwned, the searchable database of stolen credentials from news outlet CyberNews, as well as Avast’s “Hack Check” site to see if any of your account data has been stolen. The site from Avast is particularly useful — it will search databases to see if your accounts and passwords have been caught up in any data breaches, and then it will send you an email telling you which of your accounts and passwords fell victim to what particular breach.