Data breaches are becoming more common every day, with a new breach being discovered weekly (BetMGM, Toyota, WhatsApp, and Twitter just this month) or new data records released. What does that mean for you, and what are you supposed to do about it? According to an article on BleepingComputer, the email addresses of over 200 million Twitter users were allegedly leaked online. The source of the leak is currently unknown, and it is not clear if any other sensitive information was also compromised during this breach. Additionally, Toyota recently suffered a data breach, with no current reports showing its effect on any US-based customers. Conversely, a data leak effecting WhatsApp reportedly exposed the phone numbers and user IDs of approximately 4.2 million users. It is not yet clear how the leak occurred or who may have been responsible but this type of leak effects clients directly. WhatsApp has stated that the leak did not compromise users' messages or other personal information. When a data breach occurs, the spectrum of what that breach is and what information is involved or compromised, isn't always clear. Here are our recommendations to guide you through the fog of the unknown: If you are a user of a company involved in a data breach, and are concerned about the leak of your email address or other PII, there are a few steps you can take to protect yourself:
Change your password: If you use the same password for multiple accounts, it is especially important to change your password for not only your effected account, but any other accounts it applies. Lastly, create a strong, unique password for each of your accounts.
Enable two-factor authentication: This adds an extra layer of protection to your account by requiring you to enter a code sent to your phone or email in addition to your password when logging in.
Be cautious of phishing scams: After a data leak, it is common for scammers to send out fake emails claiming to be from the company whose data was leaked. These can include asking you to click on a link or enter your login information. Do not click on any links or enter your login information unless you are certain the request is legitimate.
Monitor your accounts for suspicious activity: Keep an eye on your accounts for any unusual activity, such as login attempts from unfamiliar locations or changes to your account settings that you did not make. If you notice anything out of the ordinary, change your password and contact the 360 Privacy for assistance.