One famous scandal was a kid hacked our Principal’s email and sent a prank about school being cancelled. I was shocked, especially when this attack came from someone I didn’t think was that sophisticated.

It turns out the email password was part of a data breach from real hackers (sorry if you’re reading this) and our school administrators’ email was just in the public domain.

There’s a site called haveibeenpwned.com. If you put your email in there, you will find out that a frightening number of companies have leaked your data and you have probably gotten zero compensation. You were probably not even aware.

Well… what do you do?

For prevention, I had to learn the hard way.

The easiest way is to not make so many accounts. It’s easy to, especially when every restaurant and clothing brand makes you sign up for 5% off. Even when you do make an account, it’s best to avoid giving too much information. You don’t really need to give most sites your real name and birthday.

I would make an exception for flights, financial services, hotels, and school related ones. But that’s a lot less than 100%!

If you must, I recommend using a spam email for all non-critical accounts. This means even if your email is leaked, it is separated from your money and govt accounts. Even better, there are a few services that will generate an alias email that just forwards you everything. I have a unique email for each account and I use iCloud for this.

However, sometimes these hacks actually reveal more information.

See Internet Security