Canva and PDL Data Breach 2019
Apps abound everywhere. Because of their popularity, we’ve become extremely reliant on them to get our day-to-day work done. One such tool is Canva — a graphic-design tool website that allows you to easily create stunning graphics by simple drag-and-drop.
But in May 2019, Canva suffered a data breach that impacted 137 million subscribers. The exposed data included email addresses, usernames, names, cities of residence and passwords.
But, did you know that another breach was found just last month?
The exposed data from data enrichment company People Data Labs (PDL) contained over 622 million email addresses. While this isn’t as big as the Collection #1 breach earlier this year, this should concern you more.
While the collection is impressive for its sheer volume, the data doesn’t include sensitive information like passwords, credit card numbers, or Social Security numbers. It does, though, contain profiles of hundreds of millions of people that include home and cell phone numbers, associated social media profiles like Facebook, Twitter, LinkedIn, and Github, work histories seemingly scraped from LinkedIn, almost 50 million unique phone numbers, and 622 million unique email addresses. – Wired
As more and more breaches and cyber security incidents happen, the more we all have to learn how we can protect ourselves online. Below are three things you should do immediately after learning that your data as part of a breach.
3 Things You Need to Do Immediately After a Data Breach
1. Change your passwords
The moment you learn of a data breach, especially if you are part of the breach, it’s the perfect time to change your password.
To those asking, a data breach or leak doesn’t necessarily mean your account was accessed. It’s possible, yes. But unless you can speak with the hacker, you can’t be 100% sure.
This leaves you with the next best course of action — change your password.
To ensure you won’t risk getting hacked again, we’ve created a 4-day email course on creating and using stronger passwords.
2. Don’t reuse passwords
91% understand the risk of reusing passwords, but 55% do it anyway.
Please, if you want to remain safe online, stop reusing passwords.
Because it’s very difficult to remember unique passwords for all our accounts.
Quick question: when was the last time you counted how many accounts and profiles you have?
Me? I have 348 accounts accounted for. Possibly even more.
Now, if you have over 300+ accounts, which you most likely do, can you remember strong, unique passwords for every one of them?
Maybe, but it’s no easy feat.
The only way to remember all your passwords without having to remember them is to use a password manager.
That’s also the reason how I knew I have 348 accounts. It’s the easiest way to manage all my accounts — from email addresses, various social media accounts, WiFi passwords, tools like Canva, and many more.
Learn how you can use password managers and stop reusing passwords by watching this free video.
3. Understand the repercussions
Vinny Troia, a dark web researcher, said “This is the first time I’ve seen all these social media profiles collected and merged with user profile information into a single database on this scale. From the perspective of an attacker, if the goal is to impersonate people or hijack their accounts, you have names, phone numbers, and associated account URLs. That’s a lot of information in one place to get you started.”
Think about that for a second.
What information have you posed on your social media accounts?
- Family members and who’s related to whom
Aren’t these the same information we use as passwords or security questions?
If all that information is in one place, it wouldn’t be difficult for someone to reset your passwords and gain access to your accounts.
That is unless you enabled multi-factor authentication (MFA).
Without MFA, anyone with these data can try resetting the passwords to your accounts easily. Watch this video to learn the importance of MFA.
Over to You
Cyber security is a topic you should take seriously, especially when it comes to your business. The risks and too great for you to ignore.
In today’s increasingly connected world, it’s almost impossible to not use apps and other online accounts. That’s why it’s a must that we protect our data, our business’ data.
For a primer on how you can create better, stronger passwords, enroll in our 4-day email course. You can also watch this video if you want to learn how you can remember all your passwords using a password manager.
Have you been hacked? Or know someone who has been part of a hack or breach? Let us know in the comments below.