It’s reported to be the largest data breach yet – a Russian cybercriminal gang has reportedly obtained at least 1.2 billion (yes, that’s with a “b”) user name and password combinations from hundreds of thousands of yet-unnamed websites, along with email addresses.
Let’s think for a moment – let’s say a website that you use was one of those that was breached. And let’s say that the password you used on that site is the same password you use on other sites, maybe multiple other sites. That means hackers have access to not only the original site, but also all those other places you used that same password.
The problem is, you don’t really know whether sites you visit were part of the hack, because that information hasn’t been made public for security reasons. So your best bet is take a conservative approach. Now would be a really good time for you to change ALL of your passwords, and use different ones for different sites. At the very least, change the passwords you use for banking and financial sites as well as any others that have personally identifiable information such as your social security number or account numbers.
When creating passwords, make them strong. Don’t use dictionary words, and try to include multiple special characters – a mixture of numbers and letters, upper and lowercase, and those punctuation characters that show up when you hit Shift and a number. Don’t use information that can be easily guessed, like your birthdate or address.
Once you’ve created those strong passwords, keep them safe. Don’t put them on a sticky note on your monitor, don’t leave them sitting around, and don’t share them with anyone else. If you get an email supposedly from your bank (or any other “reputable source”) asking for your password, ignore it – it’s a phishing attempt.
More suggestions for keeping your information safe is available on the Federal Trade Commission’s website, which can be accessed by clicking here.