Check whether you were breached
If you receive a breach notification email from a service, or a login alert appears from an unfamiliar location, you should suspect a breach.
It's also good to periodically use a breach-lookup service that tells you whether your email is included in a known breach.
What to do immediately
If you've confirmed a breach, work through these steps quickly, in this order.
- Immediately change the password on that site
- Change it on every other site where you used the same password
- Turn on two-factor authentication (2FA) on accounts that support it
- Check your payment history and login records for any unusual activity
The risk of reusing the same password
An email-and-password combination leaked from one site is quickly tried by automated tooling against the login forms of many other sites (credential stuffing). That is how a breach in one place cascades into damage across many accounts.
If you use a completely different password on every site, even if one leaks the damage stays confined to that single site.
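As an added example (not part of the original article), here is a defender-side check in Python that runs over constructed sample login records. It flags a source address that fails against many different accounts within a short window, which is the trace credential stuffing leaves in a login log and is distinct from one user mistyping their own password; it lists the accounts that did accept a login from such a source, since those are the ones that need the password change and 2FA steps above; and, for the "login alert from an unfamiliar location" case, it reports a successful login from a country the account has never used before. The log format, the thresholds, the addresses and every account name are assumptions made for the example.

```python
"""Triage a login log for credential stuffing and unfamiliar-location logins.

Constructed sample data; assumed line format:
  <ISO timestamp> <OK|FAIL> user=<email> ip=<addr> geo=<country>
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log (RFC 5737 documentation addresses, invented accounts).
# 203.0.113.7 replays a leaked list against five accounts and gets into frank's;
# bob fumbles his own password twice from his usual address; alice later logs
# in from a country she has not used before.
SAMPLE_LOG = """\
2024-03-01T09:30:00 OK user=alice@example.com ip=198.51.100.4 geo=DE
2024-03-01T10:00:01 FAIL user=alice@example.com ip=203.0.113.7 geo=BR
2024-03-01T10:00:02 FAIL user=bob@example.com ip=203.0.113.7 geo=BR
2024-03-01T10:00:02 FAIL user=carol@example.com ip=203.0.113.7 geo=BR
2024-03-01T10:00:03 FAIL user=dave@example.com ip=203.0.113.7 geo=BR
2024-03-01T10:00:04 FAIL user=erin@example.com ip=203.0.113.7 geo=BR
2024-03-01T10:00:05 OK user=frank@example.com ip=203.0.113.7 geo=BR
2024-03-01T11:45:10 OK user=alice@example.com ip=198.51.100.4 geo=DE
2024-03-01T12:10:00 FAIL user=bob@example.com ip=198.51.100.22 geo=DE
2024-03-01T12:10:09 FAIL user=bob@example.com ip=198.51.100.22 geo=DE
2024-03-01T12:10:30 OK user=bob@example.com ip=198.51.100.22 geo=DE
2024-03-01T13:00:00 OK user=alice@example.com ip=192.0.2.50 geo=US
"""


def parse_line(line):
    """Split one log line into a dict of typed fields."""
    ts, result, *kv = line.split()
    fields = dict(part.split("=", 1) for part in kv)
    return {"ts": datetime.fromisoformat(ts), "ok": result == "OK",
            "user": fields["user"], "ip": fields["ip"], "geo": fields["geo"]}


def parse_log(text):
    return [parse_line(line) for line in text.splitlines() if line.strip()]


def detect_stuffing(events, window=timedelta(seconds=60), min_users=5):
    """Return {ip: set(users)} for sources whose failures hit at least
    `min_users` distinct accounts inside any span of length `window`.
    Many different usernames from one source is the stuffing signature;
    one user failing repeatedly is not counted."""
    fails_by_ip = defaultdict(list)
    for e in sorted(events, key=lambda e: e["ts"]):
        if not e["ok"]:
            fails_by_ip[e["ip"]].append(e)
    flagged = {}
    for ip, fails in fails_by_ip.items():
        start = 0
        for end in range(len(fails)):          # sliding window over failures
            while fails[end]["ts"] - fails[start]["ts"] > window:
                start += 1
            users = {f["user"] for f in fails[start:end + 1]}
            if len(users) >= min_users:
                flagged[ip] = users
                break
    return flagged


def accounts_hit(events, flagged_ips):
    """Accounts that accepted a login from a flagged source: these need the
    password change, reuse check and 2FA steps described above."""
    return sorted({e["user"] for e in events if e["ok"] and e["ip"] in flagged_ips})


def unfamiliar_logins(events):
    """Successful logins from a country the account has not logged in from
    earlier in this log. An account's first login seeds its history."""
    seen = defaultdict(set)
    alerts = []
    for e in sorted(events, key=lambda e: e["ts"]):
        if not e["ok"]:
            continue
        if seen[e["user"]] and e["geo"] not in seen[e["user"]]:
            alerts.append((e["user"], e["geo"], e["ip"]))
        seen[e["user"]].add(e["geo"])
    return alerts


def triage(log_text):
    events = parse_log(log_text)
    flagged = detect_stuffing(events)
    return {
        "stuffing_sources": {ip: sorted(users) for ip, users in flagged.items()},
        "accounts_to_reset": accounts_hit(events, set(flagged)),
        "unfamiliar_logins": unfamiliar_logins(events),
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

On the sample, the only flagged source is 203.0.113.7, frank's account is the one it got into, and alice's login from US is reported as unfamiliar; bob's two failures from his own address trip neither check. The window and the five-account threshold are tuning knobs: a real deployment would set them from its own baseline of normal failure rates.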
Preventing it going forward
Habits that prevent a recurrence.
- Use a password manager for a unique, strong password on every site
- Keep two-factor authentication on for important accounts at all times
- Check regularly with a breach-monitoring service
- Delete old accounts you no longer use