5 tips to protect yourself after the LivingSocial data breach


Written by:

LivingSocial password breachThe social deals site LivingSocial was just hacked to the tune of 50 million compromised accounts. If you’ve ever signed up for LivingSocial, your name, email, date of birth, and password are at risk (luckily, the databases containing credit card and financial info weren’t affected).

LivingSocial is yet another example of a giant data breach affecting millions of people’s personal information. There have been dozens of major data breaches so far in 2013, including Evernote, Zendesk, Twitter, The Wall Street Journal, and The New York Times. No company can claim that your information is 100% safe. Data breaches are the rule, not the exception, and you can bet on there being more of them in the future.

It’s tough for consumers in this big data world: everywhere you go, companies are collecting your data, selling it, and–as current trends show–losing it by the millions through data breaches and hacks. It doesn’t just put your identity and your finances at risk, but it’s inconvenient and stressful to have to continually change your login info any time it’s hacked.

Below are 5 tips to help protect your information before or after a data breach.

And wouldn’t it be great if there was a privacy tool that did most of these tips for you? Well–wink, wink–one is coming soon. Click here to sign up to be notified when it’s ready.

1. Change your information on the compromised account

It seems obvious, but if you only do one thing, this should be it.  Was your password compromised?  Make a new one.  Was your credit card stolen?  Cancel it. Don’t risk your identity being stolen.

LivingSocial accounts

2. Don’t use your real birthday online

cupcakes_2Treat yourself to a second birthday that you use when required to give your age during account signups. Make sure you remember it, because you may need to provide it to authenticate your account (for example, if you ever forget your password in the future). With this fake birthday, you’ll be able to use websites and services while protecting your real date of birth in case hackers get it. That’ll make them less likely to be able to access more important accounts, like your online banking and credit cards.


3. Make your new password strong

Password strength is combination of length, content, and change frequency. In general, longer passwords with a wider variety of capitalization, letters, numbers, and symbols are the most secure, and the more often you change them, the better. The harder it is for others to guess, the safer it is. A few examples of notoriously common (and therefore bad) passwords:

  • “password”
  • your first or last name
  • “123456”
  • “qwerty”
  • “letmein”
  • “master”
  • “abc123”

3. Use this simple tip to create strong, unique passwords you can always remember

Here’s a pro-tip for remembering all your login information. You’ll create a strong base password that you know you’ll remember, then apply a rule to it that will make slight variations of that password for each site where you register. The result: a unique password for all your accounts. Here’s how it works:

Let’s say your base password is AbinePrivacyRocks!@#! You’ll then make a rule that you’ll apply consistently whenever you make a password. One example of a rule: you’ll take the first letter of the site name and add it to the end of your base password. If you’re signing up for Facebook, for example, you’d add the “F” from Facebook and end up with AbinePrivacyRocks!@#!F.

As long as you remember your base password and the fact that you add the new letter at the end, you’ll be able to remember all your passwords on every site you use. Just be sure to never tell anyone either your base password or your rule.

4. If you’ve reused your compromised login on other sites, change it

A 2003 survey found that 65% of us use the same password for different applications or services. We’re only human; we can’t keep hundreds of different username and password combinations in our heads at all times. But in our effort to try to keep things simple, we expose ourselves to a great deal of risk. Think about it: a spammer who discovers your password on, say, Facebook, can then access all the other sites where you use it: PayPal, your online banking site, your phone service, your email, and everywhere else.

We recommend using your password creation rule, described above, to make new passwords on all your accounts. Start with the most important ones (like email, online banking, shopping, and social networks), and move on from there.

Unique passwords

Were you a LivingSocial user, or has your info been hacked on another site? Are you losing faith in companies’ abilities to keep your information safe? Let us know in the comments below.

Follow Sarah Downey on Google+!

Leave a Reply