Internet users have obviously known for some time that hackers pose a serious threat, but we all got a shocking reminder when security researchers revealed the massive Heartbleed bug earlier this month. The OpenSSL security flaw affected an estimated 66% of the entire Internet at the time of its discovery, and it may have exposed usernames and passwords on any number of popular websites. Big companies were quick to address the bug but as we learned recently, Heartbleed was around for years before companies started patching it earlier this month. As such, hackers had plenty of time to exploit the flaw and steal your login details.
Have any of your online accounts been hacked because of Heartbleed? Have hackers breached your accounts using other means? Thanks to a few free websites, it’s remarkably easy to tell if your data might be at risk.
Forbes contributor Adam Tanner recently put together a simple piece listing three websites that will inform users of whether or not their accounts have been hacked.
The first is haveibeenpwned.com and as the name might suggest, it serves a single purpose: it tells you if any of your online accounts have been “pwned,” or breached by hackers. Using the site takes just a few seconds — simply enter an email address and the site will check to see if associated accounts have been compromised in any one of thousands of known breaches.
Two other services listed by Forbes, PwnedList and Shouldichangemypassword.com, work the same way but may have access to slightly different data, so it’s not a bad idea to use all three free sites.
Also, you can sign up on any of these sites to be notified in the future if any of your accounts are breached. Just like the initial checks, the monitoring services offered by these sites are also free.
Steve Thomas, a co-founder of PwnedList, says that his site learns of about a dozen different breaches and data leaks each day, in which anywhere from 100,000 to 500,000 accounts are compromised. As we showed you recently in a terrifying interactive map of real-time cyberattacks, the threat is huge and ongoing… and the Internet will never be 100% safe.
What should you do if any of these services find that your accounts may have been exposed? First and foremost, change your password immediately and make sure you choose a password that is unique and complex. As always, we recommend using a password management solution such as 1password.