In 2019, almost 40% of humans are using a smartphone. That is nearly 3.3 billion users, many of them use several apps/websites on a daily basis. All this generates a humongous amount of data every second – add to this, most of the citizen services offered by the state are also done online which puts more data than ever at the hands of every government department.
Unfortunately, companies around the world that collect/collate these data are being careless beyond belief. In the last few years, the number of data breaches keeps growing, think Target, Mariott, Yahoo, Equifax and many many more. I am not even adding the number of times Facebook had something to report about this. Even the mighty Google had problems with Google Plus service. You will expect companies would’ve become better at protecting our PII (Personally Identifiable Information) data. Instead, they routinely get away with nothing more than a slap on the hand.
Though Europe offers some ray of hope with laws like GDPR, the problem is too big for them alone to solve it. All these leaves, end users to be defenceless. They only have themselves to protect them. A few basic hygiene practices will go a long way in this regard, most often it is common sense. These include:
- Never use the same password in more than one app or website. Use a password manager, there are many free ones like KeePass and paid ones like LastPass, once you set up they are easy to use. [I have written here on how to use KeePass on all your devices]
- Be careful on the email you open, the websites you visit and the apps you install – if you don’t need an app, don’t install it – if anything is tempting, then it is not true. [The IRS tax notice or Indian Income Tax order scams are so common nowadays, so are the lottery winning messages]
- Wherever possible and compulsorily for the main services like Gmail, Facebook, and banking sites enable two-factor authentication.
- Backup to offline media (or) store important data/pictures in more than one service if possible.
Along with the above, users have to be vigilant. They need to watch out if their accounts have been hacked. To do that you have paid services like Experian or Lifelock and others that search all corners of the Internet and the Darknet to monitor to see if any of your IDs or PII or Credit Card details have been compromised – I was happy to get a free subscription to Experian for one year from Mariott after their systems were hacked. A free alternative, which is not as comprehensive, is being offered by my fellow Microsoft Regional Director Troy Hunt through his extremely popular free service have I been pwned?
Still, the number of users even aware of these services are tiny. Hence, I was happy to see Mozilla offering Firefox monitor, a free breach monitoring service with online safety education materials. Along with this, Mozilla has also released a “free” password management app called Firefox Lockwise. Welcome moves, thank you, Mozilla!
Using Firefox monitor is easy. Signup for a Firefox account, then add to the list all the email IDs you use. For the two email IDs, I use I got the following reports.
Be vigilant. Be safe. Enjoy the Internet!
Update 7th June 2019:
- Outrageous! 264GB of customer data exposed by Fortune 500 company Tech Data.