2019 was one of the most significant years for privacy information leak and data breaches. We saw several big companies admitting to severe issues. A simple reality check denotes that being a large business brings forth complicated and intricate security issues.
Information such as name, dob, addresses, email and even more sensitive have made it in the hands of scrupulous characters. You can quickly check to see if your email shows up in one of the databases via Have I been Pwned.
One of the largest was Facebook, with 419 million affected users. The database was available to anyone, and it also included Facebook IDs! To this day, there’s no information about the owner of the server. Of course, the server and database we’re removed quickly.
The Desjardins breach isn’t as significant, but it affected a lot of people in Quebec. There are 4.2 million people affected, and that information could have easily landed on the dark web. It was on the news, in the newspaper and on the radio. Someone internally had access to pull information from people and exfiltrated the information outside of the organization.
Steps that anyone can take to make their digital life safer online.
- Use alternate email addresses for services, apps, websites you don’t need often.
- Use strong password 16 random characters or more.
- Use a password manager.
- Don’t provide detailed information about who you are to any service unless you explicitly trust them.
- Make use of a trusted VPN service on all your devices. Ensure that no logs, no traces, multiple connections, not part of 5, 6, 9, 14 eyes country shared spy program etc.
- Ensure all your devices are using encryption.
- Use common sense.
I’m the first to admit that I don’t always follow those steps.
I do make use of an alternate email address in combination with strong passwords saved in my password manager. In this instance, I use Safe In Cloud.
I make use of a VPN service, which is Surfshark, which isn’t part of 5, 6, 9, 14 eyes country. There are no logs, they can’t cooperate with a security certificate, or provide information on users, as they don’t keep records.
Wherever possible, all my devices are encrypted, and I do make use of common sense!
In this modern age, do you think it’s possible to get some glimmer of privacy online? Can you really safeguard yoursefl?