New breach detected.

EJB
EJB Posts: 52 Active Engager
edited September 3 in Device Protection

Have an email re the title.

It suggests that one of our email address's and a particular password has been breached.

Can't find the combination of 'Email address/Password' in our Microsoft wallets or on our hardcopy password lists.

Can I assume it is an old combination that we have possibly used but deleted in the past?

PS. Have now found that I have been notified with the same breach over the last 3 or 4 years.

Accepted Answers

  • marmab
    marmab Posts: 46 Moderator
    Answer ✓

    Hello @EJB & @FionaM

    For F-Secure's ID monitoring we will always show your entire exposure from the first time you enter your email address for monitoring. Sometimes data breaches take years to surface which results in old breaches appearing on the list. If you haven't reacted to the recommendations already earlier, react now. If the password has since been changed since the breach detection you may skip over the detection or do the same should the account no longer exist. Please refer to the information involving which type of breach is involved:

    The recommendations are different based on the type of breach. Have a look at this short summary of what to do depending on which item of personal information was breached:

    • e-mail address: Change your password immediately on the target site. When you change your password, instead of thinking of a new password yourself and trying to remember or record it, take this opportunity to start using the password vault inside F-Secure ID PROTECTION. The password vault helps you create a strong unique password on each account, remembers them, and fills them into login pages for you [same for all “change password” advice cases]. Please be cautious about unsolicited calls or messages asking for personal information (smishing and vishing) 
    • phone number: If you detect misuse of your phone number, contact your service provider. Remove your phone number from any services that do not require it. Change your password immediately. Please be cautious about unsolicited calls or messages asking for personal information (smishing and vishing) 
    • password: Change your password immediately, also for the platforms where it was reused. Verify that you still retain the ownership of the target account (or any accounts that used the same password) and your information has not been tampered with – for example, disconnect any connected devices that are not your own and check for and remove unexpected forwarding rules on email accounts. Please be cautious about unsolicited calls or messages asking for personal information (smishing and vishing) 
    • credit card details leaked (only type of card): Keep an eye on your accounts for unfamiliar transactions. Change your password immediately. Please be cautious about unsolicited calls or messages asking for personal information (smishing and vishing) 
    • any other information concerning the credit card type: contact your card issuer for specific guidance. Keep an eye on your accounts for unfamiliar transactions. Change your password immediately. Please be cautious about unsolicited calls or messages asking for personal information (smishing and vishing) 
    • bank account number leaked: Keep an eye on your account for unfamiliar transactions and contact your bank if you notice anything suspicious. Note that this is not a major issue, since not much harmful action can be performed with a bank account number. But please remain cautious about unsolicited calls or messages asking for personal information (smishing and vishing). 
    • social security number: If you suspect your social security number is used as a part of a fraud, contact your local police to file a report. In Europe, Social Security Numbers are not used for e-Commerce Transactions. Please remain cautious about unsolicited calls or messages asking for personal information (smishing and vishing) 
    • date of birth: do not provide your birthdate to services unless it is required by law. Change your password immediately. Please be cautious about unsolicited calls or messages asking for personal information (smishing and vishing) 
    • passport details leaked: If the passport number is leaked, it is unlikely this will lead to identity theft. If your physical passport is stolen, file a police report immediately. Do not provide your passport details to services unless it is required by law. Contact your passport issuer for further instructions and discuss applying for a new passport.  
    • physical address-related info leaked: do not provide your address or location to services unless it is necessary for the service to work or the law requires it. Note that this is not a major issue, since not much harmful action can be performed with an address. But please remain cautious about unsolicited calls or messages asking for personal information (smishing and vishing) 

    I hope this has been helpful in addressing you inquiry. Should you need more information do not hesitate to let us know how we can assist you further.

     

  • EJB
    EJB Posts: 52 Active Engager
    Answer ✓

    Thankyou.🙂

Answers

  • FionaM
    FionaM Posts: 1 Observer

    I have the same query. I spent hours going through my passwords on my phone yesterday but couldn’t find the password that was reportedly involved in a breach. It was a password that I used frequently years ago but, as far as I know, is not used any longer.

Feedback on New Design