What Do HACKERS Do With YOUR Data?

Techquickie ·Techquickie ·2019-05-06 · 1,281 words · ~6 min read

Floatplane YouTube

Transcript

jk

JSON SRT VTT 99

0:00 so there have been plenty of reports in the news lately about large-scale data

0:05 breaches caused by everything from clever hacking to poor security

0:09 practices to somebody just leaving a flash drive

0:12 lying around but once everyone's email addresses passwords and credit card

0:17 numbers get stolen what actually happens to all that information i mean is there

0:21 just like a walmart for cybercriminals where they go to buy your personal

0:26 information at rollback prices and if your information is indeed part of a

0:30 massive breach how do you find out what are the appropriate precautions

0:35 so one thing that's helpful in understanding what happens after a data

0:38 breach is to realize the sheer scope of

0:42 many of them it's not uncommon for these breaches to affect tens of millions of

0:47 people at once and sometimes even more so that means that it isn't particularly

0:52 easy for an individual user to search through large databases of stolen

0:57 information especially considering the sorts of places that information ends up

1:03 oftentimes this data actually will appear on dark web markets that require

1:08 special software to access them where it is indeed

1:12 bought and sold by cyber criminals hoping to rack up fraudulent charges

1:17 drain someone's bank account or even commit outright identity theft

1:21 now you can learn more about the dark web here but it turns out that this isn't

1:26 the only place where personal data can appear in fact sometimes it'll show up

1:30 in a much more public pastebin site

1:34 what's a pastebin site you might ask well it's kind of the digital equivalent

1:38 of the inside of a bathroom stall wall they're designed for anyone to just dump

1:44 a large amount of data as plain text and these things can be great

1:49 for folks like coders who want others to check their code for errors or i mean

1:53 just anyone who needs a place to quickly jot down a non-sensitive information

1:59 in recent years though some pastebin sites have become hotbeds for stolen

2:03 data procured from data breaches now some of this data is put there by

2:08 hacktivists who don't seek to make much if any money off of their exploits while

2:14 other leaks are partially dumped to pastebin sites by attackers as a free

2:19 sample of a larger dataset that they expect to get paid for on one of the

2:24 aforementioned darknet markets and while anyone can bring up data

2:28 that's dumped to a paste bin it's not exactly easy for the average consumer to

2:32 go hunt for their credentials one by one

2:36 after they heard about the latest big data breach on the news

2:39 there is good news though there are easier ways to keep tabs on your logins

2:44 and passwords there are services that try to catalog dark net leaks and that

2:49 automatically detect when large data dumps appear on paste bins then organize

2:54 them into databases and save them even if the original data gets taken down one

2:59 of the best known of these services is have i been pwned which works by having

3:03 you enter your email address which it then checks against a database of

3:07 billions of leaked account records to see if you've been affected by a breach

3:12 have i been pwned uses a bot to monitor pastebin sites for new submissions

3:17 containing credentials and passwords it offers email notifications if the site

3:21 finds your info in a recent breach and it also allows users to enter their own

3:26 passwords to check against the database as well

3:30 which sounds like a terrible idea

3:33 but don't worry have i been pwned employs an algorithm that keeps your

3:37 password secure when you test them by hashing them then only sending the first

3:42 five characters of the hash to a server that contains the database of known

3:47 breached passwords after any matching hashes are found

3:50 they're sent back to your pc which can then determine if your entire hash

3:54 password is the same as any of the passwords found in the database if you

3:59 don't know what a hash is by the way you can learn all about them

4:02 right up here this functionality has actually also

4:05 been built into some password managers which can even tell you if your

4:09 credentials have been found in a recent data dump so

4:13 that's cool but then what if you follow these steps and your details have been

4:18 compromised well step one is to change your passwords step two is to contact

4:23 your bank and credit card companies if your email was tied to those accounts

4:27 and get in touch then with step three one of the major credit reporting

4:31 agencies once you've contacted them you can do basic things like freezing your

4:35 credit for free or if you want something a little less

4:39 intrusive than having your credit frozen you can pay for credit monitoring which

4:43 will send you a report when anyone tries to open a new account or apply for

4:48 credit in your name and that last one

4:51 i know it's kind of a pain and to be quite frank i don't want to advocate for

4:55 those credit monitoring companies because i think at least some of them

4:58 are a bunch of yahoos and i don't mean that in like uh yahoo the company way i

5:03 just i mean they're idiots i remember being on the phone with one

5:06 of them and complaining that their site doesn't support two-factor authentication even though there's a

5:11 blog post on their site from like three years ago recommending that you turn

5:15 two-factor authentication on for any sensitive accounts like and the guy he

5:19 didn't even the guy on the phone okay low-level customer service person

5:23 whatever didn't even know what 2fa was you have a lot of sense of information

5:28 in there anyway it's all you can really do and it's

5:32 really important in the event of a leak that you take action swiftly if your

5:36 information is out there because in some cases the company responsible for the

5:40 leak might cover your monitoring fees anyway and the thing is is like you

5:44 never know what could come back to bite you

5:48 and where

5:51 and if you don't want anything to bite you check out bitdefender total security

5:55 2019. their best in class security solutions for Windows mac Android and

6:00 iOS have been awarded outstanding product of the year by av comparatives

6:04 and they're trusted by over 500 million users worldwide that is half of a

6:08 billion network threat prevention detects attacks including botnets and stops them

6:12 before they begin and also prevents your sensitive information from being sent in

6:16 an unencrypted format you also get ransomware protection a vpn service

6:20 parental controls and autopilot a security advisor that provides

6:24 contextual recommendations based on your device's usage and needs

6:28 all of this is backed by comprehensive 24 7 support so check out the link below

6:32 for more details as well as a special giveaway

6:36 so thanks for watching guys like dislike check out our other videos leave a

6:40 comment if you have a suggestion for a future fast as possible and don't forget

6:45 to subscribe and ring the bell icon

6:50 that's weird when you click it it doesn't ring

6:53 also also they changed the bell icon so make sure you've got the bell icon on

6:57 right there's off and then there's like on a bit and then there's like on all

7:01 the time you want that one