As if to underscore the lessons learned by the Gawker Media hack last year, online dating sites PlentyOfFish.com and eHarmony.com were recently hacked as well. Yet again, you must take action to protect yourself in this situation. But what can you do if their site is compromised? It doesn’t matter what measures you have taken to secure your data if the site to which you have given it is compromised… or does it?
In fact, it does. Even if one popular website you use is compromised, all need not be lost. Understand that, yes, if you have given a website, e.g., Facebook, Google, PayPal, eHarmony, etc., a lot of your sensitive information, and that site is compromised, so is your data. However, you can take measures to proactively defend yourself.
- Start by not giving websites any information that they do not really need. Does Facebook need your credit card information? Does PayPal need your bank account information? Maybe not. Do not volunteer information you do not need to divulge and it will not be at risk if a third party’s systems are compromised.
- Do not use options to “store my credit card information” if vendors offer it. If they don’t hold your info, it’s a lot less likely that it will be compromised.
- Use different identification information. Get separate email addresses for use with separate websites. The Gawker hackers, for example, cross-referenced email addresses and passwords with those of Twitter accounts. While I haven’t yet read of it happening, it is quite likely that someone with an account on both eHarmony and PlentyOfFish.com used the same email address and, according to anecdotal evidence, password, on both sites.If you have your own domain name, talk with your email system administrator and see if email aliases can be set up to allow this. This will allow you to set up unique addresses for every site that you use, e.g., “[email protected],” “[email protected],” etc.If you use GMail, you can make an on-the-fly email address by adding a plus sign (+) and additional characters between the first part of your email address and the at sign (@). For example, if your email address is [email protected], you can make something like [email protected], and all emails send to that address will come to your inbox. Note that not all websites accept this as a properly formatted email address, but most do. This is a great way to make a unique email address to give to a specific website without having to go through the hassle of setting up a new account.