Most of us have multiple online accounts across numerous websites, apps, and services, and even if we know that using the same password for all these accounts is not secure, we still end up doing it because let’s face it, it’s convenient, and it’s hard to keep track of several complicated passwords and memorize them.
While there are ways like saved passwords and a password manager to create unique and complicated passwords across all your accounts, they are still not as secure as you might think.
You might have come across several news articles and online posts sharing data breaches of user names and passwords, even in large tech companies like Facebook.
When this happens, no matter you use a password manager or save your passwords in your browser, you can still be hacked and your passwords will end up in some hacker’s database of compromised passwords which he might then sell in the black market to make money or use them himself to hack into high profile accounts to steal more data, and even money.
So, besides following all the safety precautions to avoid being hacked and getting caught in the middle of a data breach yourself, like using complicated passwords, using a password manager, setting up two-factor authentication across all your accounts, and even using physical security keys, what to do if you still end up being a victim of a data breach, or suspect that your account might be involved in a large scale hack or a security compromise of a website or a service you use regularly?
Well, fortunately, there is a way using which you can regularly check to see if you have been hacked and have been a victim of a well-known data breach and if your email accounts or passwords have been compromised in any of these attacks.
Follow the below steps to check if you have been hacked and if your accounts, passwords, or phone numbers have been compromised in any security breach.
How to check if you have been hacked
Step 1: Visit the website
First, visit the website have I been pwned? from your phone or your computer.
Step 2: Enter your potentially compromised account details
From here, you can either enter your phone number in international format or your email address that you used on a potentially compromised website in the search box and then click on the button that says “pwned?”
Step 3: Check if you have been hacked
The website will now analyze the details you have entered and will reveal if your email or phone number has been involved in a breach.
Apart from this, you can also get detailed information about the breaches where your password or account information might be compromised, the time of the breach, and the data that has been compromised in each particular breach.
The compromised data could include your name, date of birth, gender, email addresses, geographical location, passwords, usernames, names, social media profiles, employer details, job titles, IP Addresses, website URLs, and so on.
The affected data might vary mainly depending on the type of breach and the data you have provided to the service you were using involved in the security attack.
Step 4: Suggestions to secure your account
Apart from seeing where your data has been breached and what kind of information has been compromised, you can also use the suggestions in the Have I been pwned website to ensure that your data will not be compromised in the future, or at least make it harder to be compromised,
As mentioned earlier, no company is entirely immune to a security attack, and one way or the other, your data is always at risk no matter what security measures you, or the services you use might undertake.
So, the best thing you can do is to use a password manager or the built-in strong password suggestion tools in your browser to ensure that you generate and use a random and complicated password for each website and online service you use.
While this might not help you if a particular website or a service you use has been involved in a data breach, at least you can ensure that all your other accounts will be safe as you don’t use the same password everywhere.
You can also use the Have I been pwned website to check all the websites and online services involved in a data breach to ensure that you don’t use the website or change your password immediately if compromised.
The website also has an option for you to subscribe to get an email or a notification every time there has been a data breach, giving you a head start in securing your data or changing your compromised passwords.
You can also search for a specific domain of a website you use and have an account to check if it has been involved in a data breach.
The website even provides you with a downloadable list of the compromised passwords involved in massive data breaches. You can also use your passwords to check if it has been compromised yet and immediately change it.