What to do After a Data Breach

December 3, 2019

At this point, if you use the internet even a little bit, it’s probably safe to assume that some amount of your personal information has been made public.

Last month, in one of the biggest data breaches of all time, 1.2 BILLION records were leaked, containing email addresses and phone numbers from various social media and other sites from around the web.

The good news is that, at least in this case, the data did not include passwords, credit card numbers or Social Security numbers. This is good because that means the actual accounts this information came from have not necessarily been compromised.

But the question remains, what should you do after your account information has been made public?

We at Fishhook are not experts in online security or identity fraud, but we can point you to those who are. According to NortonLifeLock, there is not a lot you can do about regaining your internet anonymity, but there are steps you can take to ensure that bad actors do not gain access to your personal accounts.

Changing your passwords and ensuring they are strong can help protect your accounts. That includes strengthening your login credentials, passwords, and security questions/answers.

Mozilla, makers of the Firefox browser, offer this advice about improving your Internet security:

Data breaches are one of many online threats. Using secure internet connections, updating your software, avoiding scam emails, and employing better password hygiene will help you stay safer while you browse.

Personally, I highly recommend using a password manager. Gone are the days of remembering your one “creative” p@s$woRd and using it for everything. That’s not secure against sophisticated hackers, and it’s certainly not enough to keep your accounts safe. Here are a couple of recommendations for ways to use secure passwords:

  • LastPass - free to start, but the $3/month Personal Plan is worth the upgrade - $4/month for Families is even better! My favorite feature is the Secure Sharing tool, which allows you to share sensitive information with others behind a One-Time-Password, after which the data disappears like it never existed! (This message will self-destruct in 3… 2… 1…)
  • 1Password - besides the critical feature of secure password generation, this tool will let you set up 2-Factor Authentication right in the app and browser extension. Plus, the Watchtower feature automatically alerts you to update your passwords on sites that have been compromised.
  • Firefox Lockwise - most browsers will allow you to securely save passwords, but Firefox positions itself as the browser with your security and privacy interests in mind. Their Lockwise product will let you create, store and access secure passwords across multiple devices, and even “outside the browser.”

Choosing one of these over others is a matter of personal preference. We use both LastPass and 1Password at Fishhook, and a few of us have moved to using Firefox as our default browser of choice.

Using a password manager isn’t the only way to keep your identity and information safe. Mozilla’s Firefox Monitor is another helpful resource with additional suggestions for actions you can take both before and after a data breach. Stay safe out there!


Ben Goshow

Lead Web Developer