Introduction

Breaches are, sadly, all too common. We are on so many platforms that it is hard to keep up when another hack is announced.

All you hear these days are:

  • This company apologizes for the six million accounts breached.
  • That firm acknowledges hackers accessed thousands of users’ personally identifiable information.
  • Another one admits that bad actors have been in their systems for months, maybe years.

But the question that probably matters most: Is your data breached, too?

The company should contact you if your information is in a data leak, but you can’t rely on that.

The First Thing You Should  Do

Visit https://haveibeenpwned.com/ to find out if your phone number or email address has been leaked.

The above site has uploaded and consolidated breach information to make searching easy. Enter your email address and get a list of breaches that compromised that email. In addition, you’ll get a summary and a description of the data compromised in each breach.

Keep this URL in your Favorites and check it periodically. Don’t rely on companies to contact you—many don’t know they’ve been compromised for months and sometimes years. Take responsibility for your security.

Take These Steps For Better Security

  • Immediately change your passwords for breached accounts—don’t delay. Check out https://haveibeenpwned.com/ and act immediately.
  • Never reuse passwords. Each account or app demands a unique password. Use a Password Manager to remember them all.
  • Do not set your browser to remember passwords. If a bad actor gets into your computer, they’ll open your browser and have it automatically login to your accounts.
  • Set up Two-factor Authentication (2FA) on all accounts that permit it.
  • Make your home Wi-Fi safer by:
    • Making sure your router is updated with encryption activated
    • Changing the default name on your router
    • Turning off network name broadcasting to increase privacy
    • Always using the latest security protocol
    • Replacing outdated routers
    • Using a separate network for house guests
    • Making sure you have a strong firewall
  • Be smart when using Smart Devices:
    • Disable microphones, cameras, and location when not in use
    • Enable security settings on all devices
    • Enable encryption on your Wi-Fi network, especially when using security cameras
    • Immediately change default passwords, using strong and unique combinations
    • Enable multi-factor authentication wherever possible
    • Create and use a secondary Wi-Fi network for your smart devices
    • Update the operating systems on all smart devices
    • Turn devices off when not in use

A Special Word About 2FA

A common approach to 2FA is SMS text messages. First, you enter your credentials; then, the site sends you a text with a code to enter. However, this is not the best method. Scammers can hack the SIM card associated with your device and then use your number to make and receive calls and texts.

Another method is using email to send a code. For similar reasons, if possible—don’t use it.

Instead, use an Authentication App. You’ll download and install an application on your phone (e.g., Authy, Okta Verify, Microsoft, Google, etc.). It will generate a unique verification code valid only for 30–60 seconds.

Conclusion

No one can promise you won’t be hacked, even if you follow these best practices. But you’ll be significantly safer than the vast majority who don’t. So stop being “low-hanging fruit” for the criminal underworld. Instead, take responsibility for your security.

Every business should also follow the above best practices. But, companies should not go it alone.

Hire a good, security-minded Managed Services Provider (MSP) to take the pain out of security. An MSP will:

Want to learn more about network security? We’re here to help. Contact us today.

XSolutions is an IT Services Provider serving New York (NY), New Jersey (NJ), and Connecticut (CT). We provide Managed IT Services | Managed IT Security | Backup & Disaster Recovery| Cloud Data Protection | Security Awareness Training. Call (845) 362-9675 for a free consultation.