How To Know And What to Do When Your Password Is Compromised - 2018

Malicious actors are unscrupulous and will invest large amounts of time attempting to profit from your personal information.

Unfortunately, it is estimated over half a billion stolen passwords are floating around on the internet, many of them on sale to the highest bidder.

Being on the receiving end of this illicit trade, can be life-changing.

But its not all bad news! Thankfully there are helpful practices you can implement right now to mitigate this problem.

Here’s our guide on how to know and what to do when your password is compromised.

1. Device Performance - The first thing you should take stock of is any sudden changes in your device performance. If your devices suddenly start running abnormally slow, automatically restarting or applications keep crashing, this may be an indication your account has been compromised.

The Verizon 2018 Data Breach Investigations Report found that 68% of breaches took months or longer to discover. What does this mean? Well, it means the people doing the hacking have had a lot of time to manipulate your system and probably have. A sudden decrease in device performance may indicate that a hacker is running malicious software behind the scenes eating into your processing power. Hence the dive in performance.

Take a look at your system usage and see if any unusual applications are running in the background.

2. Data Usage – Another common feature that may indicate your credentials have been compromised is a sudden uptake in your data usage. If indeed hackers are running additional applications it's likely to eat into your data allowance.

If you find you’ve exceeded your data limit halfway through the month, despite no change in your behaviour, then it could well be a sign hidden applications are running.

3. Unusual Activity – Unusual activity across any of your accounts, that you can't recall could well be a giveaway that a malicious actor is present.

The most alarming unusual activity you should act upon is financial. If when examining your bank statement you come across payments to accounts in the Cayman Islands, despite never hearing of the place then you know you have a problem. However, not all unusual activity will be this explicit or obvious. Take care to check for strange or obscure purchases or subscriptions that do not reflect your buying habits.

Similarly, not all unusual activity has to be financial; it can come in many guises. It could be a post on Facebook you have no interest in and don’t remember sharing. It could be Alien in your recently watched on Netflix, despite the fact you hate Sci-fi. It could be the Rolling Stones in your Spotify library even though you only listen to classical music. It could be a photo album that's saved in the cloud despite you never using a cloud stream. If something sticks out and doesn’t fit your pattern of behaviour, then listen to your gut instinct.

4. Missing Mail – If you find yourself failing to access an account despite the fact your confident you have the correct password, then it may indicate you have been compromised. Hackers will often change login credentials to deny you access once they have it themselves. At this stage, there's no need to panic you merely may have forgotten the correct password.

If you attempt to reset your password via email, but never receive an one, then it is a strong indication you have a problem. Just as hackers often change passwords once they have access, they also change the associated email addresses. This means that despite any reset requests you make, they will never reach you as your account has effectively been stolen.

What To Do

5. Change Passwords Immediately – This may sound obvious, but there's a process to it that can make all the difference.

Your priority should be to change your password vault or manager login credentials if you have one. If you have a vault with your passwords in, but the hacker has the key to that vault, then all the passwords remain vulnerable. You need to ensure your vault or password manager is secure. When resetting what is in effect your master password ensure it is long, complicated and has never been used or is in no way related to previous passwords. See our 10 Best Practice Password Tips to implement the strongest of passwords.

The next step is to change the password involved in the data breach. From here you should proceed to replace all the passwords within your vault now that you know its secure.

NOTE: In some scenarios you may be completely locked out of your account If a hacker decides to change your password and the associated email address. In this scenario you are unable to access your account or change the password as the email reset process has also been hijacked. 

Contact the company or website directly and begin the account recovery process.

6. Notify Respective Authorities – If the breach involves access to financial information, then it is necessary to notify your bank and have them freeze or at least monitor your accounts for unusual activity until you can be sure your account is secure.

For additional security ask that you be sent notifications concerning large or unusual transfer of funds. This way you can verify if the actions taken are indeed your own.

7. De-Authorise 3rd Party Access and Plugins – Many of today's applications are interlinked and depend on other applications for access. We've all seen the “log in with Facebook” option. While this provides a swift and efficient way of accessing multiple applications, it also allows a hacker to move across those platforms with ease.

While most household platforms like Facebook will request you re-authorise third-party applications, it's easy to miss the significance of this act. You have to be alert here, examining precisely what you allow in. If a hacker has indeed compromised your network and installed malicious applications, you need to ensure you don’t readmit them! Instead of quickly signing off any third party application, take your time to check its precisely what it says it is.

8. Verify Devices – Most applications now allow you to authenticate and verify a device. Take advantage of this and conduct a security checkup. Boot and report any devices accessing your account, that you are either no longer using or didn’t authorise in the first place. Permit only devices whose integrity and security you can ensure. For example, it would be unwise to access applications containing sensitive information from a public device, such as a library computer as you cannot guarantee its integrity.

Similarly, many platforms are now capable of sending you notifications around devices trying to access your account. Enable these notifications as they will alert you should a malicious actor attempt to access your account through a non-verified device.

 9. Install Trusted Anti-Virus Software – The time between a data breach and it being discovered is often months. In this time a hacker may have installed malicious software to compromise your system even further.

To mitigate this risk, ensure you install and run trusted anti-virus software.

10. Ask Friends to Notify You if Spammed – Its certainly not a high-tech solution but its logical. Give your friends the heads up and ask them to contact you if they receive unusual correspondence or see activity on your account that seems out of character.

Conclusion

Personal credentials remain a highly vulnerable aspect of our security system. We are prone to mistakes and are capable of being manipulated.

To ensure your personal credentials remain secure follow our tips above. Pay close attention to your devices behavior and go with your gut instinct.

If you have any queries regarding the implementation of these practices then feel free to contact us, we are happy to help!