FAYETTEVILLE, Ark. (KFTA) — Equifax’s recent data breach affected 145.5 million U.S. consumers, including many Arkansans. While some said they’re happy to get a $125 check in a settlement from the company, the situation highlighted a bigger problem: people’s online habits are putting them at risk for digital theft.
“When you hear of people being hacked, most of the time what has happened is that a criminal has found your password, associated it with your email address, and has just attacked various accounts,” said Kevin Metcalf, Washington County’s Deputy Prosecuting Attorney. “So, they will try that variation of that email and that password on multiple accounts…Netflix, Hulu, Amazon, you name it.”
Metcalf uses many of the same techniques hackers do to track online predators and criminals. A number of resources are completely free to anyone with internet access.
“If I can pick out how you’re changing that password by each account that you set up, I can start guessing,” Metcalf said of a hacker’s mentality. “I have a pattern to go by now.”
Karl Johnson is a Northwest Arkansas resident, and he said he was happily surprised to be a part of the Equifax settlement.
“I did actually file for the $125,” Johnson said. “Normally, I don’t think that my information is at risk of being stolen. I probably should be more secure.”
Metcalf said people who were affected by the settlement should realize the magnitude of the situation.
“Every piece of information that comes out about you creates a piece of a puzzle,” Metcalf said. “This puzzle can be used to put your entire life together.”
With that information, hackers can steal passwords, uncover home addresses and mine credit card numbers. Metcalf said there are basic steps one can take to protect his or her information:
- Use a password manager to create and store a secure password. He said to use a minimum of 14 characters for the password, and include uppercase letters, lowercase letters, numbers and special characters.
- When setting up security questions, don’t use truthful answers. He said hackers can use those answers to log into any account with the same question and answer.
- Always turn on two-factor authentication. An authenticating app like Google Authenticator or Authy is advised.
There are several websites that allow concerned people to see if they’ve been in a breach, including Have I Been Pwned? and DeHashed. Metcalf said he hopes people start taking preventative measures to protect themselves.