Over 189 websites have been compromised over the past few years, leaking over 2 billion email accounts and their passwords. Since a lot of us end up using the same passwords for multiple accounts, these hacks can be very damaging. Once websites are hacked, users’ passwords are made available to the world.
So how do you know if your account has been compromised?
There is a great site called haveibeenpwned. You can go to www.haveibeenpwned.com for free and enter your email address to see if any account tied to it has ever been part of any of these leaks.
Here is an example of what was released into the wild after Twitter’s website hack:
(We have blurred passwords for users’ security)
What do I do if my email is on one of these lists?
First, change the password for that account immediately. Once you do that, figure out any other accounts that use the same password and change them as well.
One thing most people don’t think about is that when you use the same password for multiple accounts, if one account is hacked or its password stolen, every account that uses that password (your bank, your social media, your investment accounts, etc.) is compromised as well.
The best thing to do going forward is to use a password manager such as 1Password to create unique, complex passwords that you don’t have to remember.