Did you miss the headline? “Millions Affected by Massive Data Breach” If so, just wait until tomorrow, when another example of how many companies are with your privacy will be announced. Many consumers are seeking additional means to protect their privacy themselves, disregarding pious assurances from companies that obviously don’t care or don’t know how to protect their customers. Here are some of the most often recommended privacy-protection tools, and some thoughts about how well you can expect them to work…
Yet Another Breach of Your Private Information?
In just one of many recent examples, over two BILLION customer accounts were stolen in March 2019 from Verifications.io, an email marketing firm. Forbes reported that the stolen data includes emails, phone numbers, addresses, dates of birth, social media account details, credit scores and mortgage data.
Like I said, that’s just one of many. The Identity Theft Resource Center publishes a monthly Breach Report that identified over 80 data breaches in January 2019. The report shows the name of the company where the breach occurred, the types of data compromised, and the number of affected records. This handy infographic summarizes the data breaches from 2017 and 2018. Business, healthcare, and banking were the most common targets in the 2,800+ breaches from that time period.
Were you affected by any of those breaches? With a total of over 2.5 billion consumer records affected in the past two years, and over a billion Yahoo accounts compromised in 2016, I’d say you would be lucky to escape with your privacy unscathed. Valuable data such as account passwords, social security numbers, financial data, and credit card information is sold by the pound on the Dark Web. Check out the privacy tools below, for some tips on identifying if, when or how you may have been affected. I’ve also got some tips on how to protect what’s left of your digital privacy.
Have I Been Pwned: Enter your email address and this site will tell you if it has been compromised at any time in the past. (The term “pwned” is geekspeak for “owned,” or “defeated.”)
BreachAlarm is a similar, but more proactive service that allows you to check anonymously if your email account has been hacked, leaked or compromised. They comb the dark corners of the Internet in search of stolen password lists that have been posted online. You can sign up for email notifications about future password hacks that affect you.
Outline VPN by Alphabet, Inc., parent of Google, is a life-saving boon for journalists and activists in countries with repressive governments. It is somewhat effective for ordinary citizens free-roaming the Internet.
A VPN (Virtual Private Network) provides encrypted connections between two or more computers to keep communications between them private. But all of the computers on a given VPN must have the same VPN client software and permission to be on this private network. You may have VPN client software on your machine, but that “cat” video site where you spend most of your work day does not. The connection from the video site to the VPN server is wide open and can be traced back to you. However, it is neither easy nor quick, and random citizens are not worth that much of a hacker’s time and trouble while so many of them fall for traps easily set.
More Privacy Tools (and one to avoid)
The Facebook Container Add-on For Firefox is nothing more or less than a private/incognito browsing window fitted into a browser tab. When first installed, the add-on deletes all cookies set by Facebook, including cookies set by other sites where you have used your Facebook ID to register, comment, or like. You interact with Facebook only in this special, blue-colored tab. In other tabs, you can interact with other sites and Facebook will not be able to track your Web activities. The downside is that you won’t be able to “sign in with Facebook” on other sites or share their pages to your Facebook page. Oh, and you’ll have to use Firefox, eschewing the many advantages of Chrome.
Password managers are vital tools for privacy, security, and remembering passwords. If you’re not using a password manager, you are probably violating most of the rules for keeping your accounts secure. Here’s an article Can This Robot Manage Your Passwords? has links to Roboform and some other recommended password manager apps.
The Google Password Checkup tool will alert you on the spot if the username and password you are about to enter on a website have been compromised. Password Checkup is a Chrome browser extension that checks your input against a database of four billion login credentials that Google knows have been compromised.
Privacy.com is a service provider of single-use debit card numbers. You sign up by giving Privacy.com the keys to your checking account – username, password, and answers to security questions. I just did it myself. Wait, what?! NO, I did not, and neither should you! That’s not how virtual payment card numbers are supposed to work.
A virtual payment card number is, essentially, a non-physical version of your “chipped” credit or debit card. It’s a random number that fits the required pattern of a valid credit/debit card number, generated at the point of an online sale. It is tied to your real card number for one transaction only, after which it won’t work for any payment. Credible institutions such as American Express, Bank of America, Capital One, and Citibank offer virtual card number services. Never get such things from strangers on the Internet, even if your uncle Joe knows a guy in a nearby city who lives near a police station, and he met a nice lady who recommended them.
What steps do you take to protect your online privacy?
Have a great week from all of us at ZI