Data Leaks
Image: Shutterstock

Identity thefts and cyber crimes merged with modern realities and became the most widespread crimes in the world. People become more aware of digital hygiene, utilizing identity theft protection services, looking through IDWatchdog reviews, and installing the latest antivirus software. Still, many don’t understand how the carelessness on the internet can contribute to identity theft, and how to learn, if sensitive data was compromised.

What data is usually involved in data leaks?

Frankly speaking, everything you’ve saved anywhere on the web. This can be data about your sites visits (if you hacked your browser account, for example), your addresses: actual and email, passwords, card details, contracts, phone numbers – anything.

Everything depends on the original source of the leak – the bank in the databases will have information on your accounts and transfers, but hardly will have the password from personal mail.

If data is leaked along with logins and passwords – is it dangerous?

Everything is not so scary if the site or service contains no information about you or your property, as well as if there are no details about your credit card. In these cases, you may suffer direct damage, primarily material damage.

In all other cases, the risks can be primarily reputational – someone, for example, has access to your messages, to your social media account – and can compromise you purely for personal reasons. But this is extremely rare. It will mean that your information was not even in public, but in personal access, and not as a result of the “leak,” but after a targeted attack by a particular person or group of people specifically on you.

Usually, data enters the internet in large volumes. It means that by and large, the hackers don’t need the information about a particular person – accordingly, and it is not necessary to worry about any manipulation of your account either.

What are the risks of data leaks?

The main risk is that such databases will be consolidated into one large array, which will contain both postal addresses, phones, card data with accounts, passport numbers, information about places of work. The skillful hands of hackers can easily create a full-fledged electronic personality using such information (the identity theft statistics is really sad). Replacing where passwords are necessary, hackers can even make it quite independent from the “source.”

Small bases have little threat in themselves – in most cases, even having passwords to sites with linked bank cards will not allow frauds to empty your wallet if you have two-factor authentication through SMS codes. But even a small array of such databases can untie the hands of certain groups of individuals.

How do I know if my data is publicly available?

As usual, they learn about the break-in – either the site, service, or bank announces it and calls on users to urgently change passwords, or this data is found after the fact on file exchanges or forums. Alas, universal services that will tell if your phone, passport data, name, address – is publicly available.

But there are at least by logins and passwords. For example, a similar check allows Google to do if you use its browser. Several services, such as haveibeenpwned.com, will analyze known leaks and say whether among the “merged” e-mail addresses was yours. If there was, then probably the password is duck along with it.