there's a good chance your data has been hacked, leaked, or stolen.

Over a billion users were affected by data breaches in 2018,

and it seems like there are reports

of new hacks every week.

Can you even use the internet

without your information eventually leaking?

What's going on with your data?

We trust companies with a lot of our data.

Unfortunately, we don't always know how

the data's being used or if it's protected.

Third parties accessing your information

without your permission is never good.

But there are actually a bunch of ways

your information can be exposed.

Large data breaches can leak data from multiple companies,

often containing information of millions of users.

In 2018, a leak called Collection #1

was released on the file-hosting site Mega.

Collection #1 contained millions of passwords

and emails all collected from previous data breaches.

But sometimes the attacks are more specific.

Hackers often target individual companies

to gain access to their user data.

The largest hack so far was the Yahoo hack.

In 2013, 3 billion user accounts were compromised.

The breach included user phone numbers,

birth dates, and even security questions and answers.

Even though that breach happened in 2013,

users didn't know the full scale until three years later.

More recently, T-Mobile was targeted by hackers

who stole the data of 2 million users.

These types of hacks are all too common nowadays.

But it gets worse.

Third parties can have access to your data

even if there was no hack.

When you sign into an app or a game with Facebook,

you're sharing some of your data,

and it's hard to know how the data you share

is being used or who has access to it.

In 2015, the app This Is Your Digital Life

shared user data with third parties

like Cambridge Analytica.

Facebook gave the app access to user-profile data

and information on subjects each user was interested in.

Users of the app had no idea this data was being used,

and in April, Business Insider reported

that Facebook had unintentionally uploaded

1.5 million email contacts without user permission.

Facebook has even been criticized for using phone numbers

used to verify passwords to instead target ads,

taking something that was supposed to be used for security

and using it to improve ad tracking.

Sometimes there isn't even malicious intent,

just negligence.

In 2018, The Wall Street Journal reported

that a bug in Google Plus could have exposed

the data of hundreds of thousands of users.

Google claims no user data was misused,

but they failed to disclose this issue for months.

OK, so this type of thing happens a lot,

and your data is probably out there.

But how does this actually affect you?

At best, it doesn't.

If your email address is leaked, for example,

there isn't much that hackers can do

without having other information.

But it gets worse when more private information is exposed.

If passwords and emails are leaked,

you're at risk of having your account stolen

or accessed by someone else.

And depending on where the data came from

and how often it was used,

it could mean someone now has access

to your email login, online bank accounts,

or other very sensitive data.

The worst-case scenario can include things like

credit-card fraud and identity theft.

These breaches have serious impacts

beyond bad PR for a company,

and they're actually getting worse.

The number and size of data breaches

has skyrocketed in the last decade.

According to research from Norton Lifelock,

more than a billion adults

have been the victim of a cyber crime.

OK, so at this point, you're probably a little freaked out

and are wondering what you can do to protect your data.

Here are a few tips that don't take a lot of time

but can have huge security benefits.

First, check if your data has been leaked.

The website Have I Been Pwned

has a database of information that has been exposed.

You can input your info like an email address

or old passwords to see if that data has been leaked.

If it has, change those passwords right away.

Speaking of passwords,

using the same password for everything is a horrible idea.

If one account is compromised,

all of your accounts will be at risk.

Instead, use a password manager, like LastPass

or 1Password.

A password manager securely stores your passwords

and can help you generate unique ones

that are hard to crack with brute-force hacking.

Additionally, setting up

two-factor authentication for your accounts

can prevent someone who has that password

from accessing that account.

If you're feeling overly vulnerable or paranoid,

you can even purchase a device like YubiKey

to add even more security to your accounts.

Even something as simple as keeping your apps

and computer up-to-date

can help prevent malicious attacks.

Next, turn off ad tracking when available.

We give a lot of information to online advertisers

without even knowing it,

but some services give users the option

to limit what is being shared.

If you wanna go even further,

you can use a browser like Firefox Focus,

which acts as always-on incognito mode,

enabling a private-browsing session

that shares and retains less data

than traditional browsers.

Finally, using a paid VPN can hide your internet traffic

and IP address from third parties.

A VPN can also protect your data

when you're using public WiFi.

It will encrypt your data,

making it much more difficult for anyone to steal it

from an open network.

If you think sensitive data has leaked

that could allow for fraud or identity theft,

be sure to contact your credit-card company

and credit-reporting bureaus.

You can also monitor your credit yourself

via sites like Credit Sesame,

which will alert you if there are any inquiries，

into your credit.

This is a lot, I know.

Being on the internet means

we're always sharing some kind of data.

You can't stop a company from getting hacked,

but you can limit how much information you share.