Return to blog
Posted on September 27, 2016

In the Wake of the Breach: How to Protect Your Digital Identity

The Yahoo breach was the biggest digital privacy invasion in our collective history. While the number of affected users—a staggering half billion—is impressive (in a horrifying way,) we should not sit back and think, if it failed to touch us personally (find out by checking your Yahoo email address at haveibeenpwned.com) that we avoided harm and can carry on as usual with our unchecked online habits. The Yahoo cyber breach is just one of what will without any doubt be an ongoing war between the computing public and the prying eyes of criminal hackers. What can you do as a citizen to protect yourself from such attacks? It turns out, quite a lot.

Start with the basics of computer security—essentially, locking the doors of your digital home. Update all software so you aren’t vulnerable to criminals who might exploit flaws in old versions, and make sure to toggle “auto-update” whenever that option is available. Delete free programs and apps you are no longer using that could be stealing your data. Install privacy software and adjust settings on your web browser to block the most common types of tracking used by advertisers as well as malevolent invaders. Utilize password generator services. And as unlikely as this sort of attack may be, cover yourself (literally and figuratively) by putting a sticker or Post-It™ Note over your laptop camera so that hackers couldn’t see anything if they took control of it remotely.

Consider switching your browser of choice to one whose crimes against privacy are less egregious than the infamous Google. DuckDuckGo.com, for example, does not track its users. They make money the “old-fashioned” way, via contextual advertising. Unlike Google, users are not followed across websites in order to be sketched behaviorally.

Scrutinize your smartphone, which likely knows more about you than your children, spouse, or closest friends. Hopefully it goes without saying that your phone, like everything in your life that has a screen, should be password-protected (and not with “1234,” “0000,” “1111,” or the last four digits of your social security number!) Go into your settings and turn off Location Services to prevent apps that don’t need to know your coordinates (anything other than Uber/Lyft, dinner reservation services, and precious few others,) from having such access.

What if you were one of the five hundred million souls who were affected by the Yahoo security breach? What steps should you, specifically, take? First and most obviously, update your password on both Yahoo and elsewhere. Change your chosen security questions. Activate two-factor authentication with any online account that provides this extra measure of security. Finally, be alert to fraudulent emails claiming to be from Yahoo, requiring a password update. Whether you were affected or not, these will never be legitimate or official. For even more peace-of-mind, keep a close eye on financial accounts and credit reporting services.