Pwning refers to when someone’s personal information appears in a data breach. This means that your data was collected in a breach and could appear on Dark Web marketplaces, or paste sites, which contain a full list of collected personal information such as email addresses, phone numbers, and full names.
There are different sites to help you figure out if your information was “pwnd”, such as HaveIbeenpwned. Enter your email address and it will determine if you were affected by a breach. You can also register to be notified if you are affected by future breaches.
But… breaches are not the only issue. Since we tend to re-use the same email and password combinations, this can lead to what is known as credential stuffing. This is when an attacker gathers your compromised data and uses automated login tools to fill in your username/password credentials. This then gives them access to your social media accounts and work-related systems, making your data vulnerable. It is best to make sure you use different login credentials on each of your accounts to deter these cyber attacks.
Because sites are often breached, your username and passwords are likely to be compromised. You can lessen the impact a breach has on your accounts and data by following these tips:
- Create unique passwords for your data.
- Use multi-factor authentication (MFA) as an extra layer of protection. It prevents someone from using your compromised data to access your accounts as they would also need a token.
- Consider using password managers. They can help you keep track of your accounts and passwords. Try using LastPass, Bitwarden, or a locked document.
- Follow Cyber security best practices (PDF, 10MB)
Stay cyber secure!