Ooopsss... one of my email addresses and passwords was included in a data breach! What now?
This morning I woke up to an email telling me that an account connected to my email address had been leaked. It actually was a leak that took place in 2016, but I just received a notification that the password hash has been leaked. What does that mean?
The service is called Surfshark Alert and it is a part of the SurfsharkVPN service. As I activated the service, it will immediately give me an alert if my email address is discovered in any data breach out in the big world. And believe me, there are plenty of data breaches, and that is why this is important. I know Google also has similar services, and site such as Have I been Pawned and so on can help you stay safe.
Why did I get an alert?
Many people use the same password all around the web. If that is so, you need to pay VERY CLOSE attention to such warnings. Do you know why? If hackers manage to get hold of your credentials for Vimeo, then they will easily try to log in to your email address using the same password used for Vimeo. If that works, they suddenly have access to your email address as well. Now they can actually start to check your email, discover where you have other accounts, log in, and do almost anything to you. And if your email address if your 2FA solution (if you have one at all), they can log in to even more important services.
And that is why I got an alert! Whenever my email address is discovered in a data breach in which passwords are revealed, I will be told and I better hurry to change my password. First of all, I should change my password on that given platform, but even more, if I use the same password on other sites, I need to change it there as well!
What to do for you?
I would simply start by visiting https://haveibeenpwned.com/.
There you can search for data breaches that has involved your email address(es). You can also check if your passwords have been included in data breaches. You can also setup alerts, and this in itself should be really useful for you!
That would be my best piece of advice for you at the moment. If you want more security articles and similar content, make sure to follow me here, and also check out https://www.ipaddressguide.org/
Take care everyone, and rather go ahead of the problem, instead of waiting for it to come into your house!
Dear @unbiasedwriter
Thanks for sharing your awful experience buddy.
Now, my question is: how could we even be sure that such an email is not fake? I would initially assume that it's some sort of scam, trying to grab my attention and probably leading me to some trouble.
Did you receive this info from source, which is reliable? I presume it's SurfsharkVPN that informed you about this leak?
ps. do you have any ref link to SurfsharkVPN? I could register myself using your ref link. I've been meaning to start using VPN since beginning of 2020 and I'm yet to do that.
I've been thinking about trying NordVPN, however I'm also open to try some other solution.
I've been wondering - how can "they" know that your email has address has been leaked? It's not like those "hackers" would share info with SurfsharkVPN about their achievements.
Yours, Piotr
Hi there,
thanks for writing! The truth is, there are databases used by sites such as https://haveibeenpwned.com/ and also Surfshark Alert, that makes it easy to discover leaked usernames and passwords. This is a service just paying attention to leaked databases, and if they discover something, they will alert you. In other words, they do not have any profit from actually alerting you, it is just meant to help you :)
I wouldn't subscribe to SurfsharkVPN for this purpose alone, since you can get mostly the same service for free. But, if you first have a SurfsharkVPN subscription, this comes as a nice bonus.
However, start by visiting the haveibeenpwned website and do some research there, and that is a very solid and good start :)
thanks.
I will visit haveibeenpwned right awa