Última actualización: April 16th, 2020 - 06:18 pm
In February 2019, the information of more than 620 million users was hacked, published and sold in what’s known as the dark web. Today, several months after the incident, there’s a huge probability the information is still available online.
The hundreds of gigabytes contain mainly names, email addresses and passwords. If you’ve ever had an account in Dubsmash, MyFitnessPal, MyHeritage, ShareThis, HauteLook, Animoto, EyeEm, 8fit, Whitepages, Fotolog, 500px, Armor Gamos, BookMate, CoffeeMeetsBagel, Artsy and/or DataCamp, it might be a great idea to change your password as soon as possible.
These kinds of massive attacks that are not after banking information, are used by hackers or cybercriminals to gain access to the individual credentials of people. How many of us had a Fotolog account that has been long forgotten? Or how many of us signed up on MyFitnessPal to track the calories of our food, or Canva, to improve the look&feel of our social media content? Even if we stopped using the apps, our personal information is still there, and is now available for all those who are willing to pay for it and are able to crack their way into the content. Once they can access the credentials, they can steal our digital identities and pretend to be us, as well as singing into other sites or platforms where we have the same password.
How can we effectively verify if our information has been hacked and published? There are some websites where we can track if our email address has been connected to a stolen account, such as Have I Been Pwned. However, once the information has been stolen, the only thing we can do as users is to change our password, and verify the password is not used to sign in other accounts.
To avoid further headaches, a great prevention method is using alternative authentication factors apart from the username and password, such as the One Time Passwords (OTP), which we can set up to receive via SMS or email. In other cases, all where’s possible, it’s highly recommended to enable a second or third biometrical factor with our face, voice or fingerprint as support for our traditional password. We’ll always be able to change passwords and access codes, but we won’t never be able to change who we are.
In case you’re wondering how the multiple authentication factor works, here’s a video that explains it in detail: