If your online accounts have been hacked, you may be thinking about what to do next. There are multiple ways to find out if your accounts were hacked — and the severity of the breach.
HaveIBeenPwned
Have I Been Pwned, a searchable data breach database was created by Troy Hunt, a Microsoft regional director, and MVP in December 2013. With 1.5 lakh visitors every day, and three million email subscribers it is, by far, the biggest and most popular method to find out if your password has been stolen.
You start by simply entering your email address or username, and within seconds details of any data breaches that your credentials were stolen will appear. However, the site won't tell you which sites the password was found on since this could make it possible for someone to piece together a username and password that hasn't been changed yet.
DNS Hijack
A domain name system (DNS) hijack is another way that hackers can find out if their victims are using a particular website. DNS hijacks redirect your computer’s web browser to an entirely different website — usually, one that looks like the real website you’re trying to reach.
History Scan
You can also check your browser’s activity history to see if a hacker accessed your computer via your browser. See if there are any entries that indicate that someone used your computer to visit a website your browser normally doesn’t go to.
Mitigation Tips
You can't protect against everything. The most important thing you can do is to always keep your personal information secure. And even if you do everything right, there is always a chance that you'll get hacked.
A breach is a catastrophe for any business, not just one dealing with large amounts of sensitive data.
The more you know about hacks and how to mitigate them, the better equipped you are to respond to a breach. There are a number of ways to protect your online accounts, including using a password manager, two-factor authentication, and multi-factor authentication.
If you do not think your account was accessed by someone other than you, the best thing to do is to log out of all sessions and change your password. And activate two-factor authentication, which will cut down on the likelihood that someone will gain access to your account, even if they have your password.
Once you're sure that you didn't have unauthorized access to your account, you can get back to business as usual.
There are other ways, too, that you can protect yourself from online threats, including installing your operating system's built-in protection or using a virtual private network (VPN). And if you do think your account was accessed by someone other than you, make sure to report it as a potential hacking attempt.
