Your Data Appeared in a Leak. Now What?
The urge to shrug and do nothing is strong, but that approach is almost certain to cause you some future pain. Learn from my mistakes — someone once took over my Facebook account using stolen data because I recycled my passwords. (Tip: Don't do this.)
Data breaches are now an unfortunate fact of modern life, and there's not much you can do about preventing them. But that doesn't mean you can't protect yourself in the aftermath. Here's what to do.
Leaks and data breaches can take many forms — a hacker releases stolen records online, a company accidentally leaves a server available, the list goes on — but the result is that your personal information ends up somewhere it shouldn't.
Don't panic, but don't ignore it. The sad truth is, decades of data breaches and a thriving market for data brokers mean that an uncomfortable amount of your personal information is likely already out in the open.
'It doesn't worry me too much anymore, just simply because there's so much of that data out there anyway, and a new data breach doesn't particularly change that,' says Troy Hunt, the founder of HaveIBeenPwned, a site that lets you search data breaches to see if you've been affected. But some breaches, particularly those involving sensitive data such as passwords or other personal information, demand attention.
Here's what to do immediately after a data breach to protect yourself in the future:
Set up a password manager and enable two-factor authentication. Because attackers know that many people use the same password across multiple accounts, they'll attempt to use a password exposed on one website across others. Hunt says that due to password recycling, 'one data breach of a fairly benign service is suddenly a digital key to everything else.'
Even if your password wasn't exposed, take the breach as an opportunity to level up your online security. First, choose a password manager (our picks are 1Password and Bitwarden) and use it to create a new, unique password for the site that was breached. Then, take a minute to activate 2FA, if it's available, to keep attackers out even if they have your password. Two-factor authentication adds another layer of protection on top of your password, often in the form of a PIN, security key, or face scan (if you've ever been prompted to enter a texted code after entering your password, that's 2FA). Once you've done that, change the password on another site or two every day (or whenever you log in), and add it to your password manager. Eventually, you'll have unique and complex passwords protected with 2FA for all of your accounts, which will help protect you after future data breaches. I Tried, and Failed, to Disappear From the Internet
Go directly to the source to find more information about the breach. If you hear about a data breach from a letter, email, or news report, go to the affected company's website to get more information. Be sure to avoid links in emails or text messages, as these can sometimes be from opportunistic scammers.
Look for explanations of what information was exposed and what, if any, additional steps the company is taking to protect those affected. If you can't find any information on the website, try contacting the company by phone using a verified phone number. Many companies list their contact numbers on their official websites, so use that number instead of whatever pops up on Google.
Once you know what information was exposed, you can decide what to do about it. Assessing your risk is deeply personal, and how you react might depend on how much and what kind of information the company had on you, though some personal information is obviously sensitive.
If your account password, address, or Social Security number has been exposed, you need to take action. Another important piece of information that is often overlooked is your date of birth: 'You can never change it,' Hunt says. 'And unfortunately, we've got everything from [telecommunication companies] to banks regularly using that as an identity proof.'
Change your passwords. Companies sometimes require a password reset after a data breach, so you'll have to create a new password before you can log in. If the company doesn't require a reset, you can do it yourself in your account settings. If you can't log in to change your password, though, an attacker may have already taken control of your account; use the site's password-recovery tool and replace your old password with a strong new one. Store that new password in your password manager and then turn on 2FA. If that doesn't work, contact the company through a verified phone number listed on its site or another trusted source to regain control of your account.
Also change the password on any other site where you reused it. As we mentioned earlier, attackers know people's bad password habits and sometimes try confirmed passwords on multiple sites, hoping to get lucky.
Share this article with a friend.
Monitor your bank and credit card accounts. Log in to your financial accounts and look for fraudulent charges. Most bank accounts in the US are insured by the Federal Deposit Insurance Corporation for up to $250,000, so if you see incorrect charges, contact your bank to file a claim and get your money back. In the US, customers are not responsible for fraudulent credit card charges, either, so report any of those as well to get them removed from your account.
When contacting your bank, credit card company, or brokerage, be sure to do so through a verified phone number. Most banks and credit card issuers list a fraud-support phone number on the back of your debit or credit card.
Check and freeze your credit. Sometimes, scammers try to use your personal information to open new bank accounts or take out loans. You can check for this kind of fraudulent activity by examining your credit reports from the three major credit bureaus: Equifax, Experian, and TransUnion. The Federal Trade Commission recommends against contacting the credit bureaus individually and instead directs people to use AnnualCreditReport.com to request one free report from each credit bureau per year.
You can also request a credit freeze, which helps prevent new accounts or loans from being opened in your name. If you have children, the FTC recommends freezing their credit, as well; because youngsters are unlikely to be checking their own credit reports, fraud using the information of minors can go unnoticed for years. A credit freeze lasts until you choose to lift it, but keep in mind that it can't protect against all kinds of fraud.
The Federal Trade Commission offers resources for reporting identity theft and recovering your accounts if you're concerned that someone is using your Social Security number.
If the affected companies offer free credit monitoring or identity-theft support, use it. Many companies offer credit-monitoring services in the wake of a data breach. You should take advantage. However, all of them require you to activate such services, and you have to watch for notifications if these services find anything suspicious. Typically, you have a limited time during which you can activate the services, and they run for only a year or so.
File your taxes early. Tax scammers sometimes try to claim your US income tax refund by using stolen information to file a return before you do. If you were involved in a recent data breach, or if sensitive information such as your Social Security number was leaked, consider filing your taxes early to beat scammers to the punch.
You can also set up a PIN with the IRS to add an extra layer of protection to your taxes. This is a smart thing to do, even if your data hasn't been exposed.
Be on alert for scams purporting to help after a breach. Scammers sometimes send legitimate-looking emails or texts about data breaches that are actually links to phishing sites, which look like reputable sites but are actually designed to convince you to divulge your passwords or sensitive information. It's a cruel manipulation: exploiting your very anxiety about a security leak to steal your information.
To protect yourself, be skeptical of messages with links or demands for immediate, dramatic action. Before you follow any instructions from an email, a text message, or even a phone call, confirm that information by going to an official website or contacting support through a verified phone number.
Phishing sites have a short lifespan, and most browsers are good at blocking malicious sites. If your browser warns you to stay away, pay attention. Most password managers store a related URL along with your password and notify you when you visit a site with a saved password. If you're on a familiar-looking site but your password manager doesn't recognize it, double-check the URL to confirm that it isn't a cleverly designed look-alike. Your Phone Is Stolen. Your Laptop Gets Lost. Here's What to Do.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Yahoo
16 minutes ago
- Yahoo
Uber salaries revealed: See how much software developers and other tech workers at the ride-hailing company make
Uber is hiring as the company works to become a "super app." Software developers can make base salaries of up to $266,400, according to federal data. Here's what Uber pays some of its tech workers, from data scientists to IT project managers. Uber wants to be a "super app," and it's hiring people to make it happen. So how much is it paying them? The company is probably best known for the millions of gig workers who pick up and drop off riders or deliver food for Uber Eats. But Uber is looking to expand those services — with self-driving cars, for example — as well as offer customers targeted offers. Last year, it also reportedly considered making a bid for Expedia, though no deal materialized. "We're slowly moving towards a super app of sorts," CEO Dara Khosrowshahi said. Like many tech companies, Uber has taken a more financially cautious approach to its corporate head count over the last few years. But it's still looking for new hires. In early August, Uber had close to 800 open positions listed on its website. Some of the teams with the most open roles included engineering, operations, and sales. Uber filed to hire just under 500 workers through the H-1B visa program in the first half of this reporting year, according to filings with the US Department of Labor. That's more than the roughly 350 filings that Uber made during the same period in 2024. Some of the most common job positions that Uber filed to hire through the program were data scientists, operations research analysts, and software developers. Companies are required to submit this work visa data, which includes salary information, to the US Department of Labor for all foreign hires. However, the compensation figures don't include equity or other benefits that employees can receive in addition to their base pay. The filings also include industry average pay rates for US workers. Here's a look at the jobs that Uber disclosed salaries for: Computer and Information Systems Managers can make up to $360,000 Staff Software Engineer: $225,200 to $258,800 Manager, Engineering: $235,100 to $287,000 Senior Manager: $230,800 to $299,700 Senior Director, Engineering: $360,000 Data Scientists can earn up to $199,400 Scientist, Tech: $111,966 to $174,900 Senior Scientist, Tech: $185,300 to $199,400 Staff Scientist, Tech: $219,400 to $250,000 Applied Scientist: $133,100 to $179,100 Data Scientist: $125,950 to $175,019 Senior Data Scientist: $150,400 to $164,300 Information Technology Project Managers can earn up to $215,900 Product Manager: $158,700 to $197,000 Senior Technical Program Manager: $215,900 Senior Program Manager: $144,500 to $163,600 Operations Research Analysts can make up to $185,300 Scientist, Tech: $149,650 to $174,900 Senior Scientist, Tech: $169,800 to $185,300 Senior Operations and Logistics Manager: $138,650 to $142,850 Regional Operations Manager: $108,600 to $140,950 Manager, Sales Operations: $157,400 Software Developers can make up to $266,400 Software Engineer: $98,516 to $195,300 Software Engineer II: $113,308 to $135,005 Staff Software Engineer: $225,200 to $266,400 Senior Software Engineer: $151,819 to $235,500 Senior Applications Developer: $187,800 to $209,700 Do you have a story to share about Uber? Contact this reporter at abitter@ or 808-854-4501. Read the original article on Business Insider Error while retrieving data Sign in to access your portfolio Error while retrieving data Error while retrieving data Error while retrieving data Error while retrieving data
Forbes
19 minutes ago
- Forbes
Microsoft's New Windows Warning—Pay $20 To Save All Your Data
Microsoft is on a mission to sell you more Microsoft. That's why you get Copilot when you ask for Gemini or ChatGPT. That's why you get Edge when you ask for Chrome. That's why you get Bing when you ask for Google. And that's why it's now pushing a backup solution that means you would likely need to pay. Windows Latest warns Microsoft's 'nagging won't stop.' The Start menu now 'shows banners for OneDrive with an alert icon that says you need to back up everything to the cloud. In case you don't have Microsoft 365, you'll be asked to pay for the subscription.' That will cost you $20 per year for a home user or $60 for a business user, assuming (like everyone these days) you have more than 5GB of data. The warning tells users 'we want to ensure that you always have access to your files, apps, settings and passwords by backing them up to the cloud.' Not just any cloud — Microsoft's cloud. If you click on 'continue,' you'll be directed to a OneDrive backup setup. 'It doesn't matter how you see things,' Windows Latest says, 'this is an upsell. Microsoft wants you to use their cloud backup (like OneDrive). It's using a warning-style message to make it seem urgent, but it's mostly to get you to subscribe or use their service.' As with Copilot, Bing, Edge and OneDrive, there is an element of user frustration with ads stitched into the OS. 'Do we really need this constant nagging?' Windows Latest says. 'I love Windows, I pay for Microsoft 365 and use OneDrive all the time, but I have certain use cases, and I may not want to back up all personal files, such as screenshots or camera snaps, to the cloud, especially when I have multiple Windows 11 PCs.' These nags appear sporadically and can't be stopped. 'Unless your PC is constantly syncing data to OneDrive, the alert will continue to appear.' Ouch. This is a Windows 11 issue for now, albeit the company is also pushing its 700 million Windows 10 users to make the switch to give their PCs and their data an added security boost. If you don't want to make that move and intend to take Microsoft's 12-month extended Windows 10 support instead, you'll need to log into your account. This is another new push that's caused some consternation amongst the user base. The good news is that a paid $30 support option now covers 10 PCs on a single account. Although it's uncertain which type of multi-PC owning user that largesse is directed at.
Yahoo
20 minutes ago
- Yahoo
'Moving is easy with Windows 11' Microsoft tells us, promoting Backup app for transferring files from a Windows 10 PC - but you'll need to pay for OneDrive
When you buy through links on our articles, Future and its syndication partners may earn a commission. Microsoft has put together a new promotional video It sells the benefits of transferring to a new PC via the Backup app However, it's also pushing a OneDrive subscription - but there are free alternatives Microsoft has published a video clip explaining how easy it is to move to Windows 11 using the Backup app to transfer the contents of your Windows 10 PC (or most of them, anyway). Windows Latest spotted the new promotional video from Microsoft, which shows how easy it is to make the leap to a Windows 11 PC (see the clip below). As the video makes clear, you can back up your personal files, Windows settings, and also some apps from your Windows 10 PC, and transfer them directly to a Windows 11 computer with a minimum of fuss (or that's certainly the idea). To be fair to Microsoft, it also points out the major catches with using the Windows Backup app to switch over to a Windows 11 PC. Namely, that you can't take third-party apps with you - they need manual reinstallation, only Microsoft Store apps can be ported across (their pins will be where you left them, and you can click on the relevant pin to restore the application) - and that you're limited to 5GB of files by default. The 5GB restriction is in place because the backup that the Windows app creates is stored on OneDrive - so you need an account with Microsoft's cloud storage locker. The basic free account only has 5GB of cloud storage, and if you want more space than that, you'll have to pay for a OneDrive subscription. Analysis: other options for PC migration that are free So, the long and short of it is, if your data and settings amount to more than 5GB - which it surely will in most cases - then you'll need a paid plan on OneDrive to ensure Windows Backup transfers all your stuff to a new Windows 11 PC. In other words, this is Microsoft not-so-subtly pushing a OneDrive subscription (not for the first time, I might add). If you want to use Microsoft's built-in Windows Backup facility, there's no alternative to OneDrive. If you paid for cloud storage with another provider, no choice is offered to use that cloud locker instead. There are alternatives to paying for a OneDrive subscription to ensure you have enough capacity to fully transfer all your files across to a new PC. You can simply be very selective about what you choose for Microsoft's Backup app to port over, and perhaps leave out the hefty chunk of media files (photos, videos) you may have on your computer. To move those media files, you could simply copy them to an external drive, and then subsequently manually move them onto the new PC - okay, that's a bit of extra hassle, but it's not really a big deal. (If you do go this route, don't delete the files from the original PC until they're safely transferred - always be sure to keep multiple copies. Never rely on a single copy of any data, as in this case, if the external drive goes kaput, you've lost everything). Another eventual option will be the PC-to-PC migration feature in the Windows Backup app, which transfers your files over from one computer to another via the local network (with no need for OneDrive). However, you will need a Microsoft account still, and in this case, no apps will be ported across at all (not even those from the Microsoft Store). Even so, this will be a useful alternative in the future, but the feature isn't live yet. Indeed, it hasn't appeared on Windows 10 at all - only the non-functional shell of the PC-to-PC migration feature is available on Windows 11 currently - but I can only presume that Microsoft is working to get this up and running before October 2025, when Windows 10 support runs dry. Notably, though, Microsoft doesn't mention PC-to-PC migration in the above video clip. Fair enough, as noted, it isn't working yet, and so the company does have an excuse - but I'm betting there won't be an all-singing-and-dancing promotional video campaign for this feature when it debuts. Unlike pushing OneDrive, this isn't going to give Microsoft any immediate (potential) financial benefit. You might also like... Fed up with your mouse cursor supersizing itself randomly in Windows 11? Thankfully this frustrating bug should now be fixed Microsoft promises to crack one of the biggest problems with Windows 11: slow performance No, Windows 11 PCs aren't 'up to 2.3x faster' than Windows 10 devices, as Microsoft suggests – here's why that's an outlandish claim
