How To Know If Your Online Account Has Been Compromised and What To Do

As an Information Security (infosec) practitioner, one of the most common questions I get asked is “How do I know if I was hacked?”

Well, this is a very broad question and as such it doesn’t have any one particular answer. This is because cyber security threats come in different forms and hackers are always generating new, sophisticated ways to hack people.

Knowing if your system has been hacked is not as straight forward as it may seem. The most simple advice that I can give you is to be aware of any unusual activity in your system. This could be a spike in CPU usage and appearance of toolbars or files that you didn’t create, among other things. This is besides me telling you to hire a security specialist and installing a viable antivirus software or intrusion detection systems.

However, on a personal level you can find out if one of your online account passwords has been leaked online.

Data Leaks

A data leak is the intentional or unintentional release of private information on the web. Databases of user information and credentials can be exposed to the public through a hack or an internal error made by a service provider.

A very famous data leak is the Equifax data leak that occurred in 2017 where user information such as names, addresses, dates of birth, Social Security numbers, and drivers’ license numbers were leaked. This data leak cost the organisation more than $18 million.

Other data leaks reveal more than just personally identifiable information. They also release passwords and usernames. The passwords may either be encrypted or stored in clear text (WHICH SHOULD NEVER BE THE CASE). An example of such a data leak was the Zynga data leak of 2019. Usernames and passwords can come in handy for malicious hackers. They can use your username to find you on other online platforms and find ways to social engineer you or others with it in order to gain access to your account. Weak passwords and poor encryption can be leveraged by hackers to obtain your password in clear text. With your password the hacker can then access your account directly and in the event that you reuse passwords, the hacker can gain access to your other online accounts. That is why we (infosec guys) always preach for secure passwords and avoidance of reusing of passwords.

How to Know Your Password Leaked

There are certain tools/websites that allow you to check if your password has ever been leaked in a data breach.

HaveIbeenpwnd website

Pwn is a term used by hackers to mean that an account has been hacked. If I get access to your system and can perform any action in it such as execute code, I refer to your machine as “pwned”.

The HaveIbeenpwnd website is trusted in the infosec community for it takes its time to confirm breaches and then allows you to search for your email in their database.

Other similar services

Other services similar to haveIbeenpwnd include the following:

What next?

If you found out that your password has been leaked, the next step is to change the password of that account if you can still access it. If you have reused the password, also change passwords of the other accounts.

A step further

To improve your password security further, look into getting a password manager. A password manager is a software that allows you to store your passwords in one place. You only have to remember the master password. So make it strong but still memorable.

The password managers also come with features such as strong password generation and security challenges that allow you to reduce password reuse and also encourage you to change your passwords after a certain period.

I recommend the following:

The last thing I recommend is the use of multifactor authentication. This prevents hackers from accessing your account even if they have your password. An example is the use of Google Authenticator that generates one-time login codes for your accounts everytime you try logging in.

Avoid using text-based multifactor authentication if you have another option available. They have been known to be compromisable.

Conclusion

It is important for you to practice good password hygiene so as to protect your online accounts. Just as you would procure a good lock for your house, ensure that you use good passwords and apply appropriate methods to protect your online accounts.

Leave a Reply

Your email address will not be published. Required fields are marked *