No matter how good a job you do of creating long, strong, unique passwords, keeping them secret and secure in a password manager, it all goes awry when a vendor site we have used gets breached, and has our user names and passwords stolen. This is where a web site such as Troy Hunt’s HaveIBeenPwned.com comes in.
I have set up an account at HIBP, and get regular warnings when there are new breaches with one of my email addresses involved. I recently did an extended domain search across my wyzguys.com domain, and was dismayed to find that a total of 12 email accounts have been involved in 18 different website breaches.
Some of the breaches that have affected my domain include Anti Public Combo List, Apollo, Bitly, DaniWeb, Data Enrichment Exposure From PDL Customer, Evite, Exactis, Exploit.In, Forbes, LinkedIn, Mac Forums, MyHeritage, Onliner Spambot, QuinStreet, River City Media Spam List, Ticketfly, Verifications.io, You’ve Been Scraped.
There are only two things you can do once you’ve been breached, change your password on the affected account or close the account. If the password you used on the breach was “shared” on other accounts you will need to change those passwords too.
But to do anything, you need to know if you have been “Pwned.” Sign up on Troy’s site today.
ShareDEC
About the Author:
I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com