Yet another data breach: Is your password on the dark web now?

Stock-trading app Robinhood announced Monday that a Nov. 3 data breach had leaked the personal information of 7 million customers. The compromised data was mostly email addresses. But according to a press release, names, dates of birth, ZIP codes and “more extensive account details” were leaked for a small subset of users as well. Robinhood, which was best known before the leak for its role in the GameStop meme stock saga, is only the latest data breach victim, in a long list of companies that seems to grow every week. That means if your personal information hasn’t been stolen yet, it probably will be someday. Or maybe it has been, but you just don’t know about it — yet.

If your personal data has been compromised, you often won’t learn about it until T-Mobile, Facebook, Marriott, DoorDash, LinkedIn or any other company you’ve trusted with your information notifies you about a data breach. By that time your birthday, Social Security number, credit card number, health records or other data will have already been exposed or stolen.

Any stolen personal information that leads data thieves to your identity can let hackers do everything from making purchases and opening up credit accounts in your name, to filing for your tax refunds and making medical claims, all posing as you. What’s worse, billions of these hacked login credentials are available on the dark web, neatly packaged for hackers to easily download for free.

You can’t stop sites getting hacked, but you can take a few steps to check if your information may be compromised and to limit the damage done from a breach. If you use a password manager that creates unique passwords, you can ensure that if one site gets breached, your stolen password won’t give hackers access to your accounts on other sites. A good password manager can also help you manage all your login information, making it easy to create and then use unique passwords.

After a cyberattack, a couple of monitoring tools can alert you to which of your stolen credentials are out in the wild on the dark web, giving you a running start at limiting the damage the thieves can do. Here’s how to use two free monitoring tools — Google’s Password Checkup and Mozilla’s Firefox Monitor — to see which of your email addresses and passwords are compromised, so you can take action.

How to use Google’s Password Checkup

As part of its password manager service, Google offers the free Password Checkup tool, which monitors usernames and passwords you use to sign into sites outside of Google’s domain and notifies you if those login credentials have been exposed. (You may remember Password Checkup when it was a Chrome extension you had to add separately to Google’s browser. This is the same tool folded into Google’s password manager.)

1. If you use Google’s password service to keep track of your login credentials in Chrome or Android, head to Google’s password manager site and tap Go to Check passwords.

2. Tap Check Passwords and verify it’s you.

3. Enter the password for your Google account.

4. After thinking for a bit, Google will display any issues it’s found, including compromised, reused and weak passwords.

5. Next to each reused or weak password is a Change password button you can tap to pick a more secure one…Read more>>


Register Form

Email Address
Phone No