Internet privacy and security course
About translation
Previous Next

Chapter 113

Checking data leaks

Data leak and identity theft

This topic is extremely close to checking data for identity theft or rather data leak is part of identity theft. However, they are not absolutely equal. If hackers hacked the forum where you had an account, this is a data leak, but not identity theft, since your account is not directly connected with your personality.

But if hackers have your account on the dating site with your photos or a copy of your passport and they use this information for illegal purposes, for example, to receive an online loan or to register an account with your data, that is identity theft.

Therefore, to find out if there was a data leak you should use the tips to check personal data for identity theft. There is a separate chapter of the course devoted to this issue.

Ways to check for leak

Check through leak aggregators

There are sites that collect information about public leaks and the database of leaked accounts and give users the opportunity to check their email address for the presence in these databases.

I recommend using the largest and most popular leak aggregator Have I Been Pwned. Firstly, it has the largest database, secondly, it does not give out passwords and does not sell data, as you may understand from reading the chapter not all services treat personal data with such respect.

The principle of leak aggregators is the same for all, you specify your email or login and the site checks if it is in the leak databases. You need to recall all your emails, if the current one you use for registering on sites differs from yours a year or two ago.

 

Advice

Recall your email addresses and check them in the leak aggregator.

Please note: in accordance with its privacy policy, Have I Been Pwned collects all the data you enter on the search form, browser information and IP address. All this information is stored indefinitely on servers leased from Microsoft in the United States.

Check for occurred leaks

Even the largest leak aggregators have their drawbacks. Unfortunately, not all of the hacked data gets into free access, and therefore, it doesn’t go into the base of hacked accounts. It is known that between 2013 and 2015 Yahoo leaked all user accounts, but most likely when checking the Yahoo account the service will not detect the leak, because the data was not posted and did not fall into the aggregator database.

The advantage of such compromised accounts databases is in their convenience, but for a better check it is recommended to go through the list of resources where there were known leaks and recall whether you had accounts there. This can take a long time, but it is important to check the data for leak.

 

Advice

Go through the list of major leaks and hacking sites of recent years and recall whether you had an account there.

Check data through search

Write down all the sites you have used in recent years, then check them through a search by adding words like “hacked” and “leak” to the query. This is the most boring, but the most effective way to check. It is suitable both for mass and targeted checking of any site for leaks.

 

Advice

Enter the site name in the search and add words like “hacked” or “leak” to the request to check information about possible leak of personal data.

What to do if your data has leaked

You will not find any magic advice here. It is necessary to change the password to the account, enable two-factor authorization, and it is advisable to delete it at all if there is no interest in it. If your identity is stolen, there are a number of special measures that will minimize negative consequences.

 

Advice

If you had your account leaked, the best solution would be to delete one.

Not all leak aggregators are equally safe

As part of this material, I offered you the largest and most popular service, but using the search, you may find a much larger number of leak aggregators. Not all such services are safe to use.

Some of them are focused on phishing, when the user is asked for data supposedly for verification, and in fact they are used to steal an account or for sale. Some such services request the user login and password directly, without which verification seems to be impossible.

There is another category of services that after entering data report their leak. Sometimes they check with a public database of another service, less often they simply mislead the user without even checking the data (it works like fake free antiviruses, finding non-existing threats from the victim and demanding money for their removal).

After verification, the victim is offered a number of paid services to remove data leaked to the network. I have not checked the effectiveness of such services, but it looks like a hoax. I do not know any effective methods for deleting leaked data, especially those that were distributed on the darknet, sold or posted on more than one dozen of resources.

But there is another type of similar services, in my opinion, far more dangerous for users. Such services do not just provide an opportunity to check, but also there may be a chance to purchase leaked data.

In recent years in the network there has been actively developing an information gathering service, or the so-called digital intelligence, when specially trained people search for data on the victim. They are looking for messages, interests, acquaintances, any activity and other information requested by the customer.

Sometimes they are law enforcement officers or representatives of private cybercrime investigators looking for information about hackers. Sometimes these are private investigators who have been actively introducing cyberspace intelligence and espionage services in recent years.

One of the ways to collect data on the victim is to check the victim’s accounts in the list of leaks and then get access to them. In this way, you can get access to emails, social networks, chatting on dating sites and forums. That is why I have repeatedly advised and continue to advise you to delete all unused accounts, social network pages and email boxes.

Today you have used an account on a dating site, tomorrow you may forget about it. The site was hacked, and the account was in the hands of personal data sellers. In ten years you become a successful politician or businessman, and your enemies order the collection of compromising materials on you. It is when this most hapless account and all correspondences can emerge, where you due to youth or under the influence of alcohol could well have spoken too much.

 

Advice

Recall and delete all unused accounts of dating sites, social networks, forums, email.

Fortunately, law enforcement agencies in different countries are struggling with similar services. For example, the popular service LeakedSource, which sold accesses to more than three billion leaked accounts, once went offline and a message from a user aware of the situation appeared on one of the forums.

LeakedSource in over forever, it will not return. The owner has had a search today, he has not been arrested, but all the SSDs have been confiscated, and the LeakedSource servers have been requested for the court, they are under federal investigation. If he can somehow recover from this and start LS again, it means that I am mistaken. But I am not.
Anonymous author

Later information appeared that the alleged owner of LeakedSource Ontario, Jordan Bloom, was arrested by Canadian police and accused of selling identity information, unauthorized use of a computer, and stealing data and possession of property obtained by criminal means. As the media wrote, the shadow leak aggregator brought him about a quarter of a million US dollars.

Once again I want to note that legal services are different from illegal ones in the way that you can check your account for leaks, but you cannot either get or buy a password or password hash or other information found in leaked data.

Previous
7149
Next