When was your first data breach?

tim interweb, lol No Comments

At first glance this made me laugh…
But more than anything else, it is a reminder about identity protection. To minimise exposure to data breaches, it really pays to have multiple email accounts. For example I will never use my ‘business’ email address to subscribe to anything, or to login to anything. I would never have considered this issue years ago, but heres what I have learnt the hard way:

My first email account would have been generic with NZ ISP ICONZ sometime around 1992 and a few years later with NZ ISP iHug

My first domain registration was 1996-11-03 for soundbite.co.nz and that became my default email account for everything!
At no point have I ever been advised of a data breach (which is now mandatory by law)
But if I check my soundbite email with the site Have I Been Pwned it says that email has been in 27 data breaches. So that explains why for example I get Kickstarter emails even though I have opted out of all Kickstarter emails ie the spammers are using a data breach from Kickstarter.

HISSandaROAR domain was registered 2009-04-13, a year before HISSandaROAR launched. And I only use that email address for work, and accordingly it has been in zero data breaches.

So thats the moral of the story:
Data breaches happen, and in my case that has been 27 breaches in 27 years (1997-2023) so for an email address that is used to access websites & services, you can expect one breach per year. Who uses that data breach & for what purposes remains to be seen, but you can definitely count on spam increasing with each breach.

– Do not use an important email address (personal or business) for subscriptions or account login services.

– Create a seperate burner email address(es) for anything that could be exposed via data breach.

What prompted this?

An Australian media site has an interesting recent interactive project:
See your identity pieced together from stolen data

It basically walks you through each data breach, as/when it happened and the potential ramifications. If HaveIBeenPwned says you’ve had no breaches then it wont be so interesting, but with 27 breaches mine made for interesting reading, starting at Myspace in 2008… Back then I had no idea of the endless hassle created by data breaches, so this is me telling my younger self to adopt better practices…

 

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *