photo RSMAtnWebAdRed13.jpg

The Computer Corner

REG COMPUTERS

By Charles Miller

So Your Email Address Has Been Hacked—Now What?

 

There are two very valuable websites available to anyone who is interested in keeping their personal information safe while online. The websites I recommend you visit are “haveibeenpwned.com” and “monitor.mozilla.com,” where anyone may check to see if their email address appears on any of the lists known to be used by cyber-crooks.

Several readers wrote to criticize me, and justifiably so, for not explaining what action they should take if one of these websites reports their email has been compromised. So this week I will try to make up for that omission.

Both of the websites listed in the first paragraph provide a tool that offers you a window through which you may find out what hackers already know about you. Hackers have perpetrated an unknown number of data breaches, through which they have obtained long lists of names, addresses, passwords, credit card numbers, and a lot of other personal information. This information is sold on the criminal underground, and now, by using one of the previously mentioned websites, you can learn whether or not your email address appears on one of those lists.

In my case, one of my email addresses was involved in a data breach at Adobe Systems in October 2013, which compromised 153 million accounts. The information Adobe lost included my email address, password, and password hint.

So, what to do? Start by entering your email address into one of these two helpful websites, then look at what the website lists after “Compromised Data.” I was told that Adobe had lost my email, password, and password hint, so I went to Adobe.com to change those. Adobe had apparently not lost my mailing address or credit card number, but I erased that information just in case.

This is what you should do when you know specifically which company lost your credentials: go to that company’s website, and change your password. A bit more troubling are the criminals’ lists that can include your email address without attribution as to how your name got on the list.

One Atencion reader said that the “haveibeenpwned.com” site reported her email address was included in a hacker’s list containing 593 million unique email addresses, many with multiple different passwords hacked from various online systems. The list was broadly circulated among cyber-crooks and used for “credential stuffing” in an attempt to identify other places, such as banks, where the account owner might have reused their password.

This is alarming if she used that email address to communicate with her bank, and potentially very dangerous if she had been lazy about reusing the same password on different websites, including her bank. I recommended to this reader that she seriously consider changing her email address, at least the one she uses for banking, and never again use the same password for the bank as she uses for Facebook and Twitter.

Charles Miller is a freelance computer consultant, a frequent visitor to San Miguel since 1981, and now practically a full-time resident. He may be contacted at 044 415 101 8528 or email FAQ8 (at) SMAguru.com

 

Comments are closed

 photo RSMAtnWebAdRed13.jpg
 photo RSMAtnWebAdRed13.jpg

Photo Gallery

 photo RSMAtnWebAdRed13.jpg
Log in | Designed by Gabfire themes All original content on these pages is fingerprinted and certified by Digiprove