In the wake of the recent Yahoo breach and other high-profile hacks, cybersecurity experts are predicting that we may see aftershocks and secondary breaches for many years to come. How much personal data was stolen, and how it will be used by cyber criminals, is still unknown. However, we can assume that the names, emails, birthdays, encrypted passwords, and security question answers stolen from the 500 million Yahoo accounts will be used in malicious ways. Cases like this show why it's critical to vigilantly protect your online identity by controlling the amount of personal information about you that is available online.
What is an Online Identity?
Cyber criminals can easily develop a profile about you by collecting personal information that is available in many online locations. This profile can then be used to exploit many areas of your personal or professional life, and may be used for identity theft.
Where is Your Personal Information Stored?
Before you can protect your online identity, you first need to know what information about you is available online, and where.
Remember Friendster, MySpace, WebKinz, WiiChat, NeoPets, FarmVille, and countless other sites you once used but have long since forgotten? These sites live on — along with your personal information — long after you have moved on to the latest popular site.
You've most likely been giving away information about yourself for years through social media, professional networks, and ancestry sites. Practically all of the answers to common security questions can be found on these sites, including:
- Social media sites (Facebook, Twitter, Snapchat, Instagram):Your birth date, email address, home city/state, interests/hobbies, favorite food, places frequently visited, vacations, life events (wedding, births, deaths), photos, relationships, and your conversations with friends and family.
- Professional network sites (LinkedIn, career sites): Your birth date, phone numbers, photo, email address, work history, education, skills, professional affiliations, certifications, languages spoken, and your professional associations and connections.
- School and classmate sites: Your education, school names, hometown, nicknames, friends, and connections.
- Ancestry/genealogy sites: Your birth date, family members, maiden name, hometown, birth city.
- Internet public records, maps, newspapers, and White Pages: Your address, previous addresses, phone numbers, property tax records, property value, pictures of your home, criminal records, court ruling, bankruptcy data, obituaries, weddings/marriages, and legal filings.
How to Protect Your Online Identity
Treat your personal information like cash: don’t give it away freely. Here are some ways you can control the amount of personal information about you that is available online:
- Follow password best practice recommendations and never reuse passwords. Access controls may be the last line of defense, so use unique complex passwords for each site and multi-factor authentication wherever possible. See our password strength best practices
- Keep systems and software updated with the latest versions and security patches. See our recent webcast, Next Generation Antivirus
- Perform a cleanup of the sites you use on a regular basis and reduce the personal information you make public. Review and implement privacy settings to minimize who can view your information. Revisit your old favorite sites to remove personal information or delete the account entirely.
- Opt out, delete private information, and remove listings from as many sites as possible.
See our recent webcast, Dealing with Personal Identity Theft, for more information on protecting yourself from personal identity theft, and how to respond to potential identity theft.
- Being Smart About Your Smartphone — October 24
- Talking to Your Family and Friends About Cybersecurity — October 31
If you have any questions, please contact your ACA Aponix consultant or email us at email@example.com.