so there have been plenty of reports in
the news lately about large-scale data
breaches caused by everything from
clever hacking to poor security
practices to somebody just leaving a
flash drive lying around but once
everyone's email addresses passwords and
credit card numbers get stolen what
actually happens to all that information
I mean is there just like a-- a walmart
for cyber criminals where they go to buy
your personal information at rollback
prices and if your information is indeed
part of a massive breach how do you find
out what are the appropriate precautions
so one thing that's helpful in
understanding what happens after a data
breach is to realize the sheer scope of
many of them it's not uncommon for these
breaches to affect tens of millions of
people at once and sometimes even more
so that means that it isn't particularly
easy for an individual user to search
through large databases of stolen
information especially considering the
sorts of places that information ends up
oftentimes this data actually will
appear on dark web markets that require
special software to access them where it
is indeed bought and sold by cyber
criminals hoping to rack up fraudulent
charges drain someone's bank account or
even commit outright identity theft now
you can learn more about the dark web
here but it turns out that this isn't
the only place where personal data can
appear in fact sometimes it'll show up
in a much more public pastebin site
what's a pastebin site you might ask
well it's kind of the digital equivalent
of the inside of a bathroom stall wall
they're designed for anyone to just dump
a large amount of data as plain text and
these things can be great for folks like
coders who want others to check their
code for errors or I mean just anyone
who needs a place to quickly jot down a
non sensitive information in recent
years though some pastebin sites have
become hotbeds for stolen data procured
from data breaches now some of this data
is put there by hacktivists
who don't seek to make much if any money
off of their exploits
while other leaks are partially dumped
to pastebin sites by attackers as a free
sample of a larger data set that they
expect to get paid for on one of the
aforementioned darknet markets and while
anyone can bring up data that's dumped
to a paste bin it's not exactly easy for
the average consumer to go hunt for
their credentials one-by-one after they
heard about the latest big data breach
on the news there is good news though
there are easier ways to keep tabs on
your logins and passwords there are
services but try to catalog darknet
leaks and that automatically detect when
large data dumps appear on paste bins
then organize them into databases and
save them even if the original data gets
taken down one of the best known of
these services is have I been pwned
which works by having you enter your
email address which it then checks
against a database of billions of leaked
account records to see if you've been
affected by a breach
had I been pwned uses a bot to monitor
pastebin sites for new submissions
containing credentials and passwords
it offers email notifications if the
site finds your info in a recent breach
and it also allows users to enter their
own passwords to check against the
database as well which sounds like a
terrible idea
but don't worry have I been pwned and
plays an algorithm that keeps your
passwords secure when you test them by
hashing them then only sending the first
five characters of the hash to a server
that contains the database of known
breached passwords after any matching
hashes are found they're sent back to
your PC which can then determine if your
entire hash password is the same as any
of the passwords found in the database
if you don't know what a hash is by the
way you can learn all about them right
up here this functionality has actually
also been built into some password
managers which can even tell you if your
credentials have been found in a recent
data dump so that's cool but then what
if you follow these steps and your
details have been compromised well step
one is to change your passwords step two
is to contact your bank and credit card
companies if your email was tied to
those accounts
and get in touch then with step 3 one of
the major credit reporting agencies once
you've contacted them you can do basic
things like freezing your credit for
free or if you want something a little
less intrusive than having your credit
frozen you can pay for credit monitoring
which will send you a report when anyone
tries to open a new account or apply for
credit in your name and that last one I
know it's kind of a pain and to be quite
frank I don't want to advocate for those
credit monitoring companies because I
think at least some of them are bunch of
Yahoo's and I don't mean that in like
Yahoo the company way I just I mean
they're idiots I remember being on the
phone with one of them and complaining
that their site doesn't support
two-factor authentication even though
there's a blog post on their site from
like three years ago
recommending that you turn two-factor
authentication on for any sensitive
accounts like and the guy he didn't even
the guy on the phone okay low-level
customer service person whatever didn't
even know what 2fa was you have a lot of
sense of information in there anyway
it's all you can really do and it's
really important in the event of a leak
that you take action swiftly if your
information is out there because in some
cases the company responsible for the
leak might cover your monitoring fees
anyway and the thing is is like you
never know what could come back to bite
you and where and if you don't want
anything to bite you
check out BitDefender total security
2019 their best-in-class security
solutions for Windows Mac Android and
iOS have been awarded outstanding
product of the Year by av-comparatives
and their trusted by over five hundred
million users worldwide that is half of
a billion network threat prevention
detects attacks including botnets and
stops them before they begin and also
prevents your sensitive information from
being sent in an unencrypted format you
also get ransomware protection a VPN
service parental controls and autopilot
a security adviser that provides
contextual recommendations based on your
device's usage and needs all of this is
backed by comprehensive 24/7 support so
check out the link below for more
details as well as a special giveaway so
thanks for watching guys like dislike
check out our other videos
a comment if you have a suggestion for a
future fast as possible and don't forget
to subscribe and ring the bell icon
that's weird when you click it it
doesn't ring also also they changed the
bell icon so make sure you've got the
bell icon on right
there's off and then there's like on a
bit and then there's like on all the
time do you want that one
We are a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for us to earn fees by linking to Amazon.com and affiliated sites.