Have I been pwned? How to know & protect yourself against identity theft

September 13th · 4 min read

Have I been pwned? How to know and protect yourself against identity theft

In H1 2018, InfoWatch Analytical Center registered 1,039 confidential data leaks which is 12% more than in H1 2017 (925 leaks).

InfoWatch Analytical Center registered 1,039 confidential data leaks

And in June 2021, IT Governance found that since the beginning of the year, there have been 729 security incidents.

As you can see, information leaks are becoming more and more prevalent around the web and you should be mindful of the fact you’ll eventually be a victim of a data breach one way or another.

So what can you do to prevent your information from being leaked? And what can you do when you discover your information has already been leaked?

Today, we are going to share with you how to detect if you’ve been pwned and what to do if you discover you’ve been pwned.

Let’s get started.

What is pwned in cyber security?

In simple terms, pwned is when a user's personal information is made public without their consent. This information can include but is not limited to, their real name, address, phone number, email address, credit card information, and any other information that can be used to identify a person.

These data breaches often happen due to attacks aimed at stealing personal information to then be sold on the black market.

The buyers of this information can use it by:

  • Holding your Internet accounts for ransom (e.g., social media accounts)
  • Padding your account reputation by using fake followers
  • Using the information to make better-targeted attacks on you (as the victim)
  • Buying products or services with stolen credit card numbers
  • Facilitating money transfers to get cash

How do I know if I got pwned?

There are two ways you can know if you’ve been pwned, the first way is to use a tool that actively searches for lists of known data breaches and crossreferences your personal information to see if it has been leaked and the second way is to manually search databases.

Get automatic information leak alerts

By installing a tool like Guardio you’ll be alerted of data breaches that put your privacy at risk so that you can quickly take action and prevent identity theft. Once you finish installing Guardio, do the following:

  1. On your dashboard, click “Leaks” on the left side of the screen.

  2. Then click “Add Email” and type in your email address. Guardio will send you an email to confirm your identity and make sure you are the owner of the account.

  3. Check your email and click the link Guardio sent you to confirm the activation of the service.

Get information leak alerts with Guardio

After that, Guardio will actively search databases and notify you when it detects your personal information is compromised.

Besides alerting you when you are being pwned, Guardio will help you…

  1. Actively protect your browser by scanning every site, page, and service you visit to make sure you don’t enter compromised websites.

  2. Automatically detect and remove malicious extensions that risk your personal information, install adware, or change your browser settings.

  3. Block intrusive notifications that try to invade and take over your browser.

  4. Detect search hijacking attempts, block them, and direct your browsing to your preferred search engine.

Manually check known data breaches lists

If for whatever reason you don’t want to automatically get notifications when there’s a data breach that involves your personal information, use a website like Have I Been Pwned to manually search databases.

Check if you have been pwned

Again, you’ll have to manually do the search every time you want to check if you’ve been pwned but at least it’s better than not doing it at all.

What to do after discovering you’ve been pwned?

After you discover you’ve been pwned, you should immediately change your passwords. Use a password manager to avoid using the same password every time and make sure they are secure.

If more sensitive information like credit cards and phone numbers are leaked, quickly cancel/change them to avoid having bigger issues.

Summary

Being pwned is when a user's personal information is made public without their consent. This information can include but is not limited to, their real name, address, phone number, email address, credit card information, and any other information that can be used to identify a person.

These data breaches often happen due to attacks aimed at stealing personal information to then be sold on the black market.

There are two ways you can know if you’ve been pwned, the first way is to use a tool like Guardio to actively search in lists of known data breaches and crossreference your personal information to see if it has been leaked. And the second way is to manually search databases using a service like Have I Been Pwned.

After you discover you’ve been pwned, you should immediately change your passwords. Use a password manager to avoid using the same password every time and make sure they are secure.

If more sensitive information like credit cards and phone numbers are leaked, quickly cancel/change them to avoid having bigger issues.

We hope you found this information useful. If you have any questions about search redirects or how Guardio can help you stay safe online, we’re more than happy to talk and assist. You can contact us at yourfriends@guard.io.

Safe Browsing!

Be the first to know!

Subscribe to our exclusive mailing list and get the freshest stories from the Guardio team

You may also like