Gadgetory

so there have been plenty of reports in the news lately about large-scale data breaches caused by everything from clever hacking to poor security practices to somebody just leaving a flash drive lying around but once everyone's email addresses passwords and credit card numbers get stolen what actually happens to all that information I mean is there just like a-- a walmart for cyber criminals where they go to buy your personal information at rollback prices and if your information is indeed part of a massive breach how do you find out what are the appropriate precautions so one thing that's helpful in understanding what happens after a data breach is to realize the sheer scope of many of them it's not uncommon for these breaches to affect tens of millions of people at once and sometimes even more so that means that it isn't particularly easy for an individual user to search through large databases of stolen information especially considering the sorts of places that information ends up oftentimes this data actually will appear on dark web markets that require special software to access them where it is indeed bought and sold by cyber criminals hoping to rack up fraudulent charges drain someone's bank account or even commit outright identity theft now you can learn more about the dark web here but it turns out that this isn't the only place where personal data can appear in fact sometimes it'll show up in a much more public pastebin site what's a pastebin site you might ask well it's kind of the digital equivalent of the inside of a bathroom stall wall they're designed for anyone to just dump a large amount of data as plain text and these things can be great for folks like coders who want others to check their code for errors or I mean just anyone who needs a place to quickly jot down a non sensitive information in recent years though some pastebin sites have become hotbeds for stolen data procured from data breaches now some of this data is put there by hacktivists who don't seek to make much if any money off of their exploits while other leaks are partially dumped to pastebin sites by attackers as a free sample of a larger data set that they expect to get paid for on one of the aforementioned darknet markets and while anyone can bring up data that's dumped to a paste bin it's not exactly easy for the average consumer to go hunt for their credentials one-by-one after they heard about the latest big data breach on the news there is good news though there are easier ways to keep tabs on your logins and passwords there are services but try to catalog darknet leaks and that automatically detect when large data dumps appear on paste bins then organize them into databases and save them even if the original data gets taken down one of the best known of these services is have I been pwned which works by having you enter your email address which it then checks against a database of billions of leaked account records to see if you've been affected by a breach had I been pwned uses a bot to monitor pastebin sites for new submissions containing credentials and passwords it offers email notifications if the site finds your info in a recent breach and it also allows users to enter their own passwords to check against the database as well which sounds like a terrible idea but don't worry have I been pwned and plays an algorithm that keeps your passwords secure when you test them by hashing them then only sending the first five characters of the hash to a server that contains the database of known breached passwords after any matching hashes are found they're sent back to your PC which can then determine if your entire hash password is the same as any of the passwords found in the database if you don't know what a hash is by the way you can learn all about them right up here this functionality has actually also been built into some password managers which can even tell you if your credentials have been found in a recent data dump so that's cool but then what if you follow these steps and your details have been compromised well step one is to change your passwords step two is to contact your bank and credit card companies if your email was tied to those accounts and get in touch then with step 3 one of the major credit reporting agencies once you've contacted them you can do basic things like freezing your credit for free or if you want something a little less intrusive than having your credit frozen you can pay for credit monitoring which will send you a report when anyone tries to open a new account or apply for credit in your name and that last one I know it's kind of a pain and to be quite frank I don't want to advocate for those credit monitoring companies because I think at least some of them are bunch of Yahoo's and I don't mean that in like Yahoo the company way I just I mean they're idiots I remember being on the phone with one of them and complaining that their site doesn't support two-factor authentication even though there's a blog post on their site from like three years ago recommending that you turn two-factor authentication on for any sensitive accounts like and the guy he didn't even the guy on the phone okay low-level customer service person whatever didn't even know what 2fa was you have a lot of sense of information in there anyway it's all you can really do and it's really important in the event of a leak that you take action swiftly if your information is out there because in some cases the company responsible for the leak might cover your monitoring fees anyway and the thing is is like you never know what could come back to bite you and where and if you don't want anything to bite you check out BitDefender total security 2019 their best-in-class security solutions for Windows Mac Android and iOS have been awarded outstanding product of the Year by av-comparatives and their trusted by over five hundred million users worldwide that is half of a billion network threat prevention detects attacks including botnets and stops them before they begin and also prevents your sensitive information from being sent in an unencrypted format you also get ransomware protection a VPN service parental controls and autopilot a security adviser that provides contextual recommendations based on your device's usage and needs all of this is backed by comprehensive 24/7 support so check out the link below for more details as well as a special giveaway so thanks for watching guys like dislike check out our other videos a comment if you have a suggestion for a future fast as possible and don't forget to subscribe and ring the bell icon that's weird when you click it it doesn't ring also also they changed the bell icon so make sure you've got the bell icon on right there's off and then there's like on a bit and then there's like on all the time do you want that one