It’s not uncommon for someone to have so many online accounts, they can’t remember them all off the top of their head. Between customer accounts on e-commerce sites to forum memberships and community platforms, it isn’t easy to keep track of which websites have your information.
While you usually don’t have to worry too much about keeping all of your online accounts active, you do need to worry about data breaches. It’s likely you justifiably don’t remember if your MySpace account was ever deleted, for instance.
So how do you know when a data breach has affected you when you can’t remember your own accounts? Luckily, there’s a site that will tell you if you got “pwned”.
What Does It Mean to Get Pwned?
Anyone that played a lot of games back in the 2000s remembers the term “being pwned.” This video game slang meant someone got defeated—deriving from a common typo of “owned” because of keyboard layouts.
Nowadays, getting pwned implies something more severe than losing an online match.
The term “pwned” now refers to instances when someone’s account has fallen victim to a data breach. It comes from the popular website, Have I Been Pwned?
The site’s purpose is to help users discover if their email address or phone numbers were part of a data breach and which sites leaked their information. It’s a valuable resource that offers some startling results to any interested parties.
How Does Data Leak?
There are many ways in which data breaches leak your private information. Although your personal details don’t seem so significant, information is incredibly valuable. While some events are deliberate, a large portion of them are unintentional.
Some common examples of data breaches are:
- Intentional selling of information.
- Theft or loss of data storage devices (hard drives, laptops, USB).
- Unauthorized access to administrative accounts, i.e. leaving company devices logged in and unsupervised or forgetting to log out of accounts on shared computers.
- Accidental transfer of files to the wrong individual(s).
- Hackers or malicious software.
Do Data Breaches Really Matter?
If everything seems to be fine in your digital life, is it worth the effort of looking it up? Absolutely.
It’s good to know who has your personal details and retain some ownership over your private information. Aside from maintaining your security, there are some scary reasons why you’d want to look this information up.
It’s surprising to learn the sites that compromised your data—from major social media sites to textbook rental shops. No matter how trivial the breach seems to be, you should take it seriously.
Even if you aren’t worried about someone gaining access to that shopping account you made back in 2009, you need to consider the exact details they could get from these breaches.
Do your best to protect sensitive information, such as addresses and passwords. This advice is especially relevant if you are someone who reuses passwords (which we advise against). If you use the exact login details for everything, someone just needs to get your Twitter login to access your bank information.
Seemingly minor things (like your date of birth or answers to security questions) may help gain access to more meaningful data.
How Do I Find Out If My Data’s Been Leaked?
Have I Been Pwned? offers a quick and easy solution to finding out which of your accounts faced data leaks.
Using the tool is incredibly simple: all you need to do is type your phone number or email address into the search box.
While the site asks for donations, using the platform itself is entirely free and requires no registration at all.
Once you type in your details, it will let you know if your information was involved in a data breach or not. It will offer a list of compromised accounts and some details about when, how, why, and where it happened. It’s an eye-opening experience!
Checking for compromised information is something you should do more than once. Exploring potential breaches every few months is a great way to stay on top of security risks before they have time to do a lot of damage.
What Do I Do With This Information?
After finding out which data breaches involved your personal accounts, it’s time to take some action. You should not idly stand by with this information and not do anything to help secure compromised accounts. So what can you do?
Change Your Passwords
If this platform indicates any of your accounts were part of a data breach, take some immediate action with your passwords.
The earlier you address the compromised information, the less time cybercriminals have access to it. Aside from changing passwords on compromised accounts, consider what other platforms share those passwords and change them as well.
If you find passwords difficult to remember, consider trying out a password manager.
Revise Your Login Credentials
While many people do share passwords between accounts, this should be a wake-up call to stop.
Do not reuse passwords, especially with accounts attached to sensitive information like banking numbers or your SSN.
Take some time to revisit some of your old passwords and improve them as well. There are many different techniques to create a strong password—you can even use dice.
Delete Unused Accounts
If a site faces multiple breaches, it may be a sign that its security measures are inadequate.
You should never hand your information over to platforms you can’t trust.
You always have the option to delete your profiles too. While helpful, remember that many sites continue to hold some information anyway. Your best option is to avoid creating accounts on sketchy sites, to begin with.
Is It Worth Finding Out if I Was Pwned?
While ignorance is bliss, ignoring potential security threats is not a smart decision. When data breaches involve your personal information, you should know about it.
Learning more about how data breaches work and taking action on compromised accounts is vital to practice internet safety.