technology

Worried your data was on Genesis Market? Here’s how to check – and clean up your digital footprint


Your digital footprint is probably bigger than you think (Picture: Getty/iStockphoto)

Operation Cookie Monster, the global sting that brought down a criminal online marketplace, highlighted the extent of stolen data available on the internet.

Users of Genesis Market could purchase stolen IDs for as little as 56p – and there were 80million sets of credentials on the site.

What if you were one of them? 

You can check whether your information has been leaked or compromised with this portal set up by the Dutch Police, which led the operation alongside the FBI.

If your data has been leaked, most importantly, update the passwords all of your most important accounts, such as banking and insurance, as well as those affected by the leak. Even if sensitive accounts weren’t involved, the fact that some of your information has been leaked makes it easier for hackers to target other accounts.

You may also wish to notify your bank and other stakeholders, or add a fraud alert to your credit report, which can stay on your account for a year or longer, ensuring an extra step of verification before credit can be approved.

Run your antivirus software to catch and remove any malware as a precaution.

Operation Cookie Monster shut down a criminal website selling stolen data (Picture: NCA)

However, even if your data hasn’t been compromised, many of us go about our lives on the internet without realising the trail of information left in our wake.

‘A digital footprint is any imprint you leave in cyberspace,’ says Surrey University’s Professor Alan Woodward, a specialist in cyber security, covert communications and forensic computing among others. ‘If you think about when it snows, you leave footprints behind. The difference is when the snow melts, they disappear.

‘In cyberspace, nothing ever disappears, it’s there forever.’

There forever – if users don’t get rid of it themselves.

‘Your digital footprint has the potential to reveal a lot about you,’ says Steve Wilson, UK and Ireland director at Norton, antivirus and software security providers. ‘From ‘active’ footprints – left behind from the likes of social media posts – to ‘passive’ footprints such as cookie data collection, it’s crucial to be aware of the information we are leaving behind. 

‘We all have digital footprints and chances are, yours is bigger than you think. Whether you’re online shopping, swiping on dating apps, reviewing restaurants or racking up loyalty points, you’re leaving breadcrumbs of information behind, and this data can serve as an easy entry point for cyber criminals.’

Readers Also Like:  Jimmy Buffett's laid-back party vibe created adoring 'Parrotheads' and success beyond music

What makes an even easier entry point is the data sources users have forgotten about entirely – but are still working away in the background.

‘Internet time moves so fast, and with the number of new social media platforms and email systems, we’ve all got defunct accounts out there that still have our data in them,’ says Professor Woodward. ‘It really is incumbent on individuals to try to keep track of things and clear them out.’


MORE : In praise of the password – the key to your digital kingdom

Tracking down old accounts, and either deleting them (easier said than done in some cases, including social media accounts that encourage users to deactivate rather than delete) or making sure they have strong passwords, is an essential step in cleaning up your footprint.

‘If you’re not very careful, old email accounts can be the keys to your digital kingdom,’ says Professor Woodward. ‘Take an account you’ve forgotten the password for [e.g. an online shopping site] – it will send a reminder to your email, which could be that old email. Hackers will quite often find these old email accounts, find out where you’ve used them, and send password reminders.’

Strong passwords, of course, are key to protecting your online self. Weak or reused passwords leave users at high risk of multiple methods of hacking.

Visitors to Genesis Market are now greeted with an FBI notice (Picture: PA)

‘There’s a type of attack called credential stuffing, where unfortunately people don’t use different passwords for different accounts,’ says Professor Woodward. ‘Quite often they’ve used the same password for an email account as they have for [other sites] – or worse, that email is their two factor authentication. If hackers find an email you’ve forgotten about and get the password for it, they’ll go around all the big popular websites and try that username and password combination to see if it gets them in – and quite often it does.’

Readers Also Like:  Microsoft CEO Nadella asked for pay reduction after security slip, but total comp still rose 63%

Professor Woodward also has some surprising advice when it comes to the data you actively share with websites.

‘People have a tendency to tell these websites the truth,’ he says. ‘Obviously there are some, like government sites and banks [that you need to provide accurate information to], but I think you can be pretty sure they’re secure.

‘But others, like Facebook and Twitter, why am I going to give them my [actual] birthday? I’m like the late Queen – I have an official birthday for online, and I have my real birthday.’

To be clear, that’s not to say lie about your age, especially for sites with a minimum age for use, but that you don’t need to share your actual date of birth – change the day or month.



Norton’s seven steps to a cleaner digital footprint

  1. Regularly clean your privacy settings: Share social content while controlling who sees your posts by adjusting your privacy settings.
  2. Use search engines to search your name: Like a celebrity, go ahead and search your full name on multiple search engines. In scrolling through the first two pages, see anything you don’t like? Internet users have the right to ask website administrators to remove pages that contain sensitive or negative information about them. Be sure to try any common misspellings as well. 
  3. Be mindful of what you say and how you say it: A digital footprint filled with negative tweets and offensive pictures will leave you vulnerable.
  4. When did you last use that app? Review or delete: Apps will occasionally update their privacy and information-sharing policies. It’s important to review your app’s settings from time to time and if you don’t use an app anymore, delete it.
  5. Regularly update your device with comprehensive antivirus software: Many viruses and malware programmes are specifically designed to “mine” your digital footprint, and they are constantly updated. To help protect yourself, keep your antivirus software and other cyber safety software programmes up to date. Products such as Norton Antitrack not only help you protect your data but also disguise and protect your digital footprint as you browse the web.
  6. Use two-factor authentication for an added layer of security.
  7. And finally… always create strong, memorable passwords.
Readers Also Like:  Ecommerce and fintech firm Bolt lays off 29% of staff

‘In terms of covering up your footprint online, minimise what you give away,’ says Professor Woodward. ‘Only give away information if you really have to and don’t feel this necessity to tell the truth all the time – ask yourself ‘why am I giving the site this information? Do they really need it to have a relationship with me?’ Because it’s enough if people get hold of your name, address, phone number and date of birth [through hacking that account or a leak] for them to go off and fake your identity.’

Basically, the less data you share, the better. Of course it’s impossible to spend any time online without leaving data, the same as it is to live in the same house for years without collecting more and more clothes, books, trinkets and toiletries. But just as you wouldn’t go years without tidying up around the house, forgetting where things were and leaving a few windows open, don’t forget about taking the time for some online housekeeping to help sweep up after that digital footprint.

‘Ideally, don’t give your data in the first place,’ says Professor Woodward. ‘If you do have to provide something, give something misleading, or use systems that obfuscate who and where you are, like a VPN or special browser like TOR [The Onion Router, a browser designed for anonymous communication]. Don’t give permissions to apps for things like location and contacts. 

‘But lastly, go around and clean up after yourself. It’s a bit of a pain, but it will come back and bite you.’


MORE : Online marketplace selling stolen data from just 56p taken down in global sting


MORE : Leak of secret documents reveals Putin’s global and domestic cyberwar tactics





READ SOURCE

This website uses cookies. By continuing to use this site, you accept our use of cookies.