Check If You’ve Been Breached In 3 Seconds

Close up of illuminated keyboard

Written by Rachel Cooper

Graduating with a Bachelor of Business/ Bachelor of Digital Media, and armed with a passion for research and writing, Rachel dived into the IT and cyber security space while flourishing her marketing career with All Covered Solutions on the Gold Coast.

13/09/2021

Data breaches are not a rare occurrence. As cybercrime rates surge, it comes as no surprise that data breaches are fairly common and when a large company is involved sometimes it makes news… and sometimes it doesn’t.

Can you be breached without knowing?

Yes! Unfortunately, this is also pretty common. Whether the breach didn’t make headlines, you weren’t informed, or you didn’t see the email telling you of the breach, it is easy you may have missed the memo.

So what happens if you’ve been breached and you don’t know it?

We have good news for you: You can find out if your information has been leaked super quickly with Have I Been Pwned? It’s an online service created by Australian web security consultant Troy Hunt that lets users search their own email address or phone number to check if it has been involved in a data breach. It doesn’t cost the user anything and is an extremely quick way to find out if your personal information is in breach.

It works by collecting and analysing multitudes of database dumps and pastes that contain information connected to billions of breached accounts. When you input your number or email to check, it scans the database and brings up any data breach incidents that your information has been compromised in.

You can search you email address and phone number on the home page or jump over to the passwords tab and search your passwords to see if any have appeared in breached data. You can also use the password search to determine how common a password is. For example, if you search “password123” you’ll see this password has appeared almost 127,000 times in leaked data! This can help you make better and stronger passwords.

I’ve been breached – now what?

Don’t panic. You may not know what exact information has been leaked except that the email or number you searched was included in the breach.

If you are concerned your financial details have been compromised, contact your bank immediately. If you are able to take action at home: freeze your credit, disable your card, or transfer as much money out of the account linked to your card as possible. We also recommend contacting the company of the data that was breached so they are aware and can remove your payment credentials or terminate your account.

Start by changing your passwords straight away. Have I Been Pwned? will tell you which accounts your information is in breach from. Go through these accounts and update your passwords. From there, make sure you also update any other accounts that may use the same password (naughty!) and change them to something new and unused by any other account you own.

How can I prevent my data being breached again?

We highly recommend utilising a password manager to securely store your passwords, eliminating the need to remember them yourself. This means you can have unique passwords for each account as you no longer need to have them floating around your brain. LastPass is our favourite and you can find out more about how password managers work and why they are great here.

Two words: multifactor authentication. This is an extra layer of protection as a simple step in the form of a code or biometrics. When you log in, you will be prompted to input a code sent to a different device or be verified via facial or fingerprint recognition. This is an easy process and extremely effective in avoiding a data breach.

Delete old accounts you no longer use. The more information you have on the world wide web, statistically the more chance you have of one or more of your accounts becoming involved in a data breach. Cleaning out your repertoire can be done a few ways: start by deleting any accounts that popped up in your Have I Been Pwned search that you no longer use. Then, go through your saved logins on your browser or search your inbox for welcome emails or messages to verify your account. You can also trying searching the web for any usernames or look for a combination of your name and email address.

You May Also Like…